Security, Rate Limiting & Content Policy

Layered defenses — rate limits, CSP, and circuit breakers — that protect the platform from abuse, control costs, and keep service reliable for all customers.

What Is This Feature?

Running an AI assistant at scale means you're operating a service that could, in theory, be misused — flooded with automated requests, probed for weaknesses, or manipulated through malicious inputs. This feature covers the layered defenses that keep your platform secure, your costs predictable, and your customers' experiences uninterrupted: per-customer usage limits, content security policies, and automatic circuit breakers that protect your system when something upstream goes wrong.

Why It Matters to Your Business

Security and reliability are table stakes for enterprise sales. Customers want to know their data is protected, their usage won't be affected by someone else's abuse, and that the platform won't rack up unexpected costs on their behalf.

Cost protection. AI responses cost money — compute, API calls to LLM providers. Without limits, a single misconfigured integration or bad actor could generate thousands of dollars of unexpected charges overnight. Per-key rate limits put a hard ceiling on this.
Fair service for everyone. If one customer's integration goes rogue and sends thousands of requests per minute, it shouldn't degrade the experience for other customers. Rate limiting ensures fair resource distribution.
Protection from web attacks. Content Security Policies (CSP) prevent a class of web attacks where malicious scripts are injected into your pages. Violations are automatically reported and aggregated, giving your security team visibility without manual monitoring.
Graceful degradation. When an upstream AI provider has an outage or becomes slow, you don't want that to take your entire platform down. Automatic circuit breakers detect the problem and route traffic away from the failing provider, keeping your service up for customers.

How It Works (No Technical Jargon)

Each API key has a quota — a maximum number of requests allowed within a given time window. Every request checks this quota in real time:
- Under the limit: request goes through normally
- Approaching the limit: the response includes headers showing how much quota remains, so the calling system can slow down gracefully
- Over the limit: the request is rejected with a clear error, not silently dropped

Quotas can be set per customer, per integration, or globally. Legitimate customers who hit their limit by accident can request an increase through a self-service flow.

Every page served by the platform includes instructions to browsers about what scripts and resources are allowed to load. If a browser detects a violation — say, an injected script trying to load from an unauthorized source — it reports that violation back to the platform. These reports are aggregated and can trigger alerts if a pattern of violations is detected.

If an upstream service (like an AI provider) starts returning errors or responding slowly, the circuit breaker automatically reduces traffic to that provider and routes requests to a backup. Once the provider recovers, traffic is gradually restored. This is invisible to end users — they experience a brief slowdown at worst, not a hard failure.

What You Can See and Control

Real-time quota usage per API key, with alerts when limits are approached
A log of rejected requests (who was rate limited, when, how often)
A feed of Content Security Policy violations, grouped by type
The current state of each circuit breaker (healthy, degraded, open)
Controls to temporarily raise quotas for specific customers or integrations

What to Expect on the Roadmap

The team is building:

Per-API-key quota middleware with real-time tracking and monitoring dashboards (estimated 3 weeks)
CSP violation reporting and alerting
Circuit breaker wrappers for all external AI provider connections

Once live, you'll have clear controls and visibility over platform usage, with automatic protection against both external abuse and upstream failures.