Your AI Assistant Just Bought a $30,000 Cloud Subscription

A postmortem of the $30K Claude bill incident.

The Story

In May 2026, a story made the rounds: "AWS user gets $30K Claude bill after cost alert misses it." Two weeks later, another company reported a $38,000 AWS Bedrock bill caused by a prompt caching miss.

A single prompt cache miss. $38,000. Not a billion-dollar enterprise. A regular business running AI agents.

How Runaway Costs Actually Happen

When you tell an AI agent to "research competitors and draft a report," here's the execution graph:

1. Search API        -> $0.03
2. Web scrape        -> $0.01
3. GPT-4 summary    -> $0.35
4. Agent decides: "not polished enough"
5. GPT-4 premium    -> $2.50
6. Image gen API    -> $1.00
7. Regenerate x 3   -> $7.50
8. Total            -> $13.39 for one report

An agent doesn't know the difference between a $0.01 action and a $10 action.

The Architecture of Prevention

A library can be monkey-patched. A proxy is a network boundary agents must cross.

agent-gov is a FastAPI reverse proxy:

# Your config changes from:
openai.base_url = "https://api.openai.com/v1"
# To:
openai.base_url = "http://localhost:8080/v1"

The proxy runs a 4-stage decision tree:

@app.post("/proxy/call")
async def proxy_tool_call(call: ToolCall):
    key_hash = db.hash_key(call.agent_key)
    agent = await db.get_agent(key_hash)

    # Stage 1: Auth - known agent?
    if agent is None:
        raise HTTPException(status_code=401)

    # Stage 2: Paused?
    if agent["paused"]:
        raise HTTPException(status_code=429)

    # Stage 3: Lazy budget reset
    agent = await db.check_and_reset_budget(agent)

    # Stage 4: Real cost lookup (not agent's estimate)
    registered_tool = await db.get_tool(call.tool_name)
    actual_cost = registered_tool["cost_per_call"] if registered_tool else call.estimated_cost

    # Stage 5: Budget check
    if agent["spent_today"] + actual_cost > agent["daily_budget"]:
        await db.pause_agent(key_hash)
        raise HTTPException(status_code=429, detail="Budget exceeded")

    # Approved
    await db.update_agent_spend(key_hash, actual_cost)
    await db.log_cost_event(key_hash, agent["name"], call.tool_name, actual_cost)
    return {"status": "approved", "spent_today": updated["spent_today"]}

The Anti-Cheat: Tool Registry

If you trust the agent's estimated cost, an agent can claim GPT-4 costs $0.01 when it's $12.50.

agent-gov uses a tool registry:

registered_tool = await db.get_tool(call.tool_name)
actual_cost = registered_tool["cost_per_call"] if registered_tool else call.estimated_cost
# cost_source: "registry" or "client_estimate"

A test proves agents can't lie:

async def test_proxy_uses_registered_cost():
    # Tool registered at Rs 500/call
    # Agent with Rs 100 budget claims Rs 1
    # Result: 429 - Blocked!

Why Proxy Wins Over Library

• Network boundary - agents must cross it
• Can't be bypassed by rogue import or version bump
• Language-agnostic - works with any framework
• Externally monitorable

Quick Start

pip install agent-gov-saas
agent-gov start
agent-gov config set budget 25.00 --agent my-bot

Auto-paused at $25. No $30K surprise.

---

Part 1 of "Taming Your AI" series. agent-gov is open-source, MIT-licensed.