# ai-cost-guard

Open-source TypeScript guardrails for AI applications. It helps you:

- block risky prompts (secret/PII checks)
- estimate and track model call spend
- enforce hard/soft budgets before model calls
- enforce tenant-level quotas for multi-tenant SaaS
- send webhook alerts and produce ROI savings reports

This is an open-core project with strong monetization potential: teams need spend control and policy enforcement as AI usage grows.
## Documentation

| Doc | Description |
|---|---|
| Install | Install from npm or local source, requirements, local dev, troubleshooting |
| Deploy | Deploy backend + dashboard (Docker, Docker Compose, Kubernetes, env vars) |
| User guide | Step-by-step setup, tenant quotas, alerts, ROI, production checklist |
| Hosted stack | Backend API, event ingestion, CI, production baseline |
| Sales one-pager | Value proposition and positioning |
| Market & GTM | Market feasibility, revenue methods, GTM, cost to run, quick intro, traction |

See also: CONTRIBUTING.md · CHANGELOG.md
## Why

Most teams shipping LLM features hit the same pain points quickly:

- cost spikes from unbounded usage
- accidental secret leakage into prompts
- no central budget ownership across teams

ai-cost-guard provides a lightweight runtime layer that wraps any provider SDK.
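The secret-screening idea is simple to sketch: scan the prompt against known credential patterns before the call goes out. The patterns below are illustrative only, not the library's actual policy rules:

```typescript
// Illustrative secret-screening check (made-up patterns, not the library's rules).
const SECRET_PATTERNS: Array<{ name: string; re: RegExp }> = [
  { name: "openai-api-key", re: /\bsk-[A-Za-z0-9_-]{20,}\b/ },
  { name: "aws-access-key-id", re: /\bAKIA[0-9A-Z]{16}\b/ },
  { name: "private-key-block", re: /-----BEGIN [A-Z ]*PRIVATE KEY-----/ }
];

// Returns the names of any patterns the prompt matches.
function findSecretLeaks(prompt: string): string[] {
  return SECRET_PATTERNS.filter((p) => p.re.test(prompt)).map((p) => p.name);
}
```

A guard layer would refuse (or redact) the call when this returns a non-empty list, before any tokens are spent.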
## Install

```sh
npm install ai-cost-guard
```

Full install options (npm, local path, provider SDKs) and local dev setup: docs/INSTALL.md.
## Quick start

```ts
import { RollingBudget, guardedCall } from "ai-cost-guard";

const budget = new RollingBudget({
  hardLimitUsd: 200,
  softLimitUsd: 150,
  windowMs: 30 * 24 * 60 * 60 * 1000 // 30 days
});

const result = await guardedCall(
  {
    provider: "openai",
    model: "gpt-4.1-mini",
    prompt: "Summarize this customer chat",
    maxOutputTokens: 300
  },
  async (input) => {
    // Wrap your provider SDK call here.
    return {
      output: "summary...",
      usage: {
        promptTokens: 120,
        completionTokens: 240,
        totalTokens: 360
      },
      finishReason: "stop"
    };
  },
  {
    budget,
    policies: {
      maxPromptChars: 5000
    }
  }
);

console.log(result.actualCostUsd, result.budget.spentUsd);
```

## API overview

- `RollingBudget`: rolling spend window with hard/soft limits
- `TenantQuotaManager`: per-tenant rolling quotas with overrides
- `guardedCall`: policy + budget precheck around a provider call
- `createOpenAIResponsesAdapter`: OpenAI Responses SDK adapter
- `createAnthropicMessagesAdapter`: Anthropic Messages SDK adapter
- `createWebhookAlertHandler`: send budget/policy alerts to your webhook endpoint
- `ROITracker`: calculate prevented spend and money-saved percentages
- `evaluatePromptPolicies`: standalone policy check utility
- `calculateCallCostUsd`: direct usage-to-cost conversion
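The rolling-window mechanics behind `RollingBudget` can be sketched in a few lines. This is a conceptual illustration under assumed semantics (prune spend entries older than `windowMs`, block when the hard limit would be crossed, warn on the soft limit), not the library's implementation:

```typescript
// Conceptual sketch of a rolling spend window (not the library's code).
type SpendEntry = { atMs: number; usd: number };

class RollingWindowSketch {
  private entries: SpendEntry[] = [];

  constructor(
    private hardLimitUsd: number,
    private softLimitUsd: number,
    private windowMs: number
  ) {}

  // Drop entries older than the window, then sum what's left.
  spentUsd(nowMs: number): number {
    this.entries = this.entries.filter((e) => nowMs - e.atMs < this.windowMs);
    return this.entries.reduce((sum, e) => sum + e.usd, 0);
  }

  // A call is blocked if its estimated cost would cross the hard limit;
  // crossing only the soft limit raises a warning instead.
  check(estimatedUsd: number, nowMs: number): "ok" | "warn" | "block" {
    const projected = this.spentUsd(nowMs) + estimatedUsd;
    if (projected > this.hardLimitUsd) return "block";
    if (projected > this.softLimitUsd) return "warn";
    return "ok";
  }

  // Record actual spend after a call completes.
  record(usd: number, atMs: number): void {
    this.entries.push({ atMs, usd });
  }
}
```

An in-memory window like this only guards a single process; shared budget state across processes is a separate concern (see the Redis item on the roadmap).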
## Multi-tenant quotas

```ts
import {
  RollingBudget,
  TenantQuotaManager,
  guardedCall
} from "ai-cost-guard";

const globalBudget = new RollingBudget({ hardLimitUsd: 300, softLimitUsd: 250 });

const tenantQuotas = new TenantQuotaManager({
  defaultBudget: { hardLimitUsd: 40, softLimitUsd: 30 },
  tenantOverrides: {
    enterprise: { hardLimitUsd: 120, softLimitUsd: 100 }
  }
});

const result = await guardedCall(
  {
    provider: "openai",
    model: "gpt-4.1-mini",
    prompt: "Summarize this customer chat",
    metadata: { tenantId: "starter-acme" }
  },
  providerCall, // your wrapped SDK call, as in the quick start
  { budget: globalBudget, tenantQuotas }
);

console.log(result.tenantId, result.tenantBudget?.spentUsd);
```

## ROI tracking and webhook alerts

```ts
import {
  ROITracker,
  createWebhookAlertHandler
} from "ai-cost-guard";

const roi = new ROITracker();

const webhookHandler = createWebhookAlertHandler({
  url: process.env.AI_GUARD_WEBHOOK_URL!,
  includeSoftLimitWarnings: true
});

const onEvent = (event) => {
  roi.ingest(event);
  webhookHandler(event);
};

// Pass onEvent into guardedCall(..., { onEvent })

const report = roi.report();
console.log(report.totals.preventedSpendUsd, report.totals.savingsPercent);
```

## OpenAI adapter

```ts
import OpenAI from "openai";
import {
  RollingBudget,
  createOpenAIResponsesAdapter,
  guardedCall
} from "ai-cost-guard";

const client = new OpenAI({ apiKey: process.env.OPENAI_API_KEY });
const budget = new RollingBudget({ hardLimitUsd: 200, softLimitUsd: 150 });

const result = await guardedCall(
  {
    provider: "openai",
    model: "gpt-4.1-mini",
    prompt: "Summarize this customer chat",
    maxOutputTokens: 300
  },
  createOpenAIResponsesAdapter(client, {
    instructions: "Be concise and action-oriented."
  }),
  { budget }
);
```

## Anthropic adapter

```ts
import Anthropic from "@anthropic-ai/sdk";
import {
  RollingBudget,
  createAnthropicMessagesAdapter,
  guardedCall
} from "ai-cost-guard";

const client = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY });
const budget = new RollingBudget({ hardLimitUsd: 200, softLimitUsd: 150 });

const result = await guardedCall(
  {
    provider: "anthropic",
    model: "claude-3-5-sonnet",
    prompt: "Summarize this customer chat",
    maxOutputTokens: 300
  },
  createAnthropicMessagesAdapter(client, {
    system: "You are a concise support assistant."
  }),
  { budget }
);
```

## Notes

- Install provider SDKs in your app: `npm install openai @anthropic-ai/sdk`. This library keeps adapters dependency-free; you pass SDK clients in from your app.
- Add your own `priceTable` with current model prices to keep spend tracking accurate. The default model pricing in this repo is intentionally example-only; for production, pass a `priceTable` with current provider pricing.
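The usage-to-cost conversion behind `calculateCallCostUsd` is plain token arithmetic. A sketch under an assumed per-million-token price table (the `PriceTable` shape and the numbers here are illustrative, not the library's defaults):

```typescript
// Illustrative price table: USD per 1M tokens (made-up numbers).
type PriceTable = Record<string, { inputPerMUsd: number; outputPerMUsd: number }>;

const priceTable: PriceTable = {
  "gpt-4.1-mini": { inputPerMUsd: 0.4, outputPerMUsd: 1.6 }
};

// Cost = prompt tokens at the input rate + completion tokens at the output rate.
function costUsd(
  model: string,
  usage: { promptTokens: number; completionTokens: number },
  prices: PriceTable
): number {
  const p = prices[model];
  if (!p) throw new Error(`no price entry for model: ${model}`);
  return (
    (usage.promptTokens / 1_000_000) * p.inputPerMUsd +
    (usage.completionTokens / 1_000_000) * p.outputPerMUsd
  );
}
```

Throwing on an unknown model (rather than silently returning 0) keeps spend tracking honest when a new model is adopted before its price entry is added.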
## Open core model

Open source core (this repo):

- local runtime guardrails
- transparent policy rules
- provider-agnostic wrapper

Paid product layer:

- hosted dashboard for spend analytics and alerts
- policy management UI + team RBAC
- audit logs and compliance exports
- enterprise connectors (Datadog, Snowflake, SIEM)
## Development

```sh
npm install
npm run typecheck
npm run build
npm run test
npm run example
npm run example:adapters
npm run example:monetization
npm run example:backend-ingest
```

Run the backend API:

```sh
AI_GUARD_API_KEY=dev-token npm run backend
```

Run the dashboard (new terminal):

```sh
npm run dashboard
```

Open http://localhost:3000, set the API URL to http://localhost:8787, and use API key `dev-token`.

To deploy with Docker or Kubernetes: docs/DEPLOY.md.
## Contributing

See CONTRIBUTING.md for development setup, the PR checklist, and areas where we need help (adapters, policy packs, docs).

## Roadmap

- adapters for Groq/Google/Bedrock SDKs
- Redis-backed shared budget state
- per-user and per-feature quotas
- policy packs (HIPAA/PCI/GDPR presets)