Always get explicit per-run approval before paid/metered API calls
Context
AI agents acting autonomously can rack up surprise bills on metered APIs (Google Places, Apify, OpenAI direct, ElevenLabs, Twilio, etc.), even within "free tier" allowances, because free tiers expire, change, or quietly start billing. A single agent loop calling a paid endpoint N times is a real money leak. This rule sets the guardrail.
Detail
Decision
Never invoke a paid/metered API without explicit per-run approval from Kom, even within the free tier. Approval is per-run, not blanket.
What counts as "paid/metered"
| API | Why metered |
|---|---|
| Apify | Per-scrape compute units |
| Google Places / Maps | Per-request after free quota |
| OpenAI direct (not via gateway) | Per-token |
| ElevenLabs | Per-character TTS |
| Twilio | Per-SMS / per-minute |
| Perplexity (some tiers) | Per-query |
| Freepik / image gen | Per-image |
What does NOT need per-run approval
| Source | Why exempt |
|---|---|
| Aspire LLM Gateway (llm.aspiredigital.group/v1) | $0 marginal: OAuth subscriptions absorb cost (per aspire-llm-gateway-only-egress) |
| Self-hosted services (Postgres, MinIO, Coolify apps) | Fixed cost, not per-call |
| Read-only internal APIs (BizDB, Xero gateway) | Aspire-owned, no marginal cost |
| GitLab, Odoo (self-hosted) | Fixed cost |
The approval pattern
- Agent identifies it needs a paid API call
- Agent estimates the cost (e.g., "452 FB + 133 IG scrape ≈ $4 AUD")
- Agent presents the estimate + waits for explicit "yes, run it"
- Only then does the call fire
- Agent logs the actual cost after
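
One way to enforce these steps in the agent's tool layer, as an added example that is not Aspire's own code: an approval is bound to one run ID and one API, is consumed when the call fires, and every step lands in an audit list. The `ApprovalGate` class, the `EXEMPT` labels, and the default-deny treatment of unlisted APIs are assumptions of this example.

```python
import uuid
from dataclasses import dataclass, field

# Hypothetical labels for the exempt sources in the table above. Anything not
# listed here is treated as metered (default-deny is this example's assumption).
EXEMPT = {"aspire-llm-gateway", "self-hosted", "internal-readonly"}

class ApprovalRequired(Exception):
    """A metered call was attempted without a live approval for this run."""

@dataclass
class ApprovalGate:
    pending: dict = field(default_factory=dict)   # run_id -> awaiting a human
    approved: dict = field(default_factory=dict)  # run_id -> approved, not fired
    audit: list = field(default_factory=list)     # append-only record

    def request(self, api, description, estimate_aud):
        """Register the intended call and its AUD estimate; nothing fires."""
        run_id = uuid.uuid4().hex
        self.pending[run_id] = {"api": api, "description": description,
                                "estimate_aud": estimate_aud}
        self.audit.append(("requested", run_id, api, estimate_aud))
        return run_id

    def approve(self, run_id, approver):
        """Record the explicit human 'yes, run it' for this one run."""
        self.approved[run_id] = self.pending.pop(run_id)
        self.audit.append(("approved", run_id, approver))

    def fire(self, api, call, run_id=None):
        """Run call() -> (result, actual_aud) only under a matching approval."""
        if api in EXEMPT:
            return call()[0]
        req = self.approved.get(run_id)
        if req is None or req["api"] != api:
            self.audit.append(("blocked", run_id, api))
            raise ApprovalRequired(f"no per-run approval for {api}")
        del self.approved[run_id]              # single use: no blanket approval
        result, actual_aud = call()
        self.audit.append(("fired", run_id, api, req["estimate_aud"], actual_aud))
        return result
```

Because the approval is deleted before the call runs, a retry loop around `fire` cannot reuse it; each repeat needs a fresh `request` and `approve`.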
Real example (per MEMORY.md project_bizdb_apify_pending)
The BizDB Apify scrape (452 Facebook + 133 Instagram, ~$4 AUD) was approved but deferred: batched to a single future session so the scrape + writeback happen together, minimizing repeated runs. Even at $4 and pre-approved, it waits for a deliberate "fire it now" rather than running ad-hoc.
Why per-run, not blanket
- Free tiers change without notice
- A blanket "you may use Apify" becomes "agent ran 50 scrapes overnight"
- Cost estimates force the agent to think about volume before firing
- Audit trail: every paid run has an explicit human "go"
Constraints we accepted
- Slower for genuinely cheap, obviously-fine calls
- Agent must maintain a sense of which APIs are metered (this page is the reference)
Revisit trigger
- A specific API proves so routinely-cheap-and-needed that a bounded blanket approval (e.g., "up to $X/month on API Y") makes sense
- Aspire adopts a hard spend cap at the gateway/proxy layer that makes per-run approval redundant for some APIs
Related
- aspire-llm-gateway-only-egress: the gateway is the $0-marginal exception
- aud-pricing-default: cost estimates always in AUD
- bizdb: the Apify scrape example