
Per-agent OpenAI cost + budgets + hard caps, with enforcement that lives in the SDK instead of a gateway
I had a bunch of agents hitting the same OpenAI key, and the monthly bill was a single number — no way to see which agent/feature/run actually spent it. The usage dashboard only splits by key.
Most tools that fix this are gateways/proxies: your calls route through them so they can capture full prompt + response.
I didn't want that extra latency and a failure point in front of the model, plus prompts leaving for a third party (dealbreaker if you're regulated).
I'm an SRE, so "add a hop to the critical path" is a reflexive no.
So the design is: an SDK wraps your OpenAI client and calls OpenAI directly.
It meters the call in-process and ships only metadata: token counts, cost, and an agent/run tag to a separate control-plane API.
Prompt/response content never leaves your process.
(There is a gateway service, but it's for ingest + policy, not in the LLM request path.)
import OpenAI from "@spaturzu/sdk/openai";
// Swap one import — reads SPATURZU_API_KEY + OPENAI_API_KEY from env.
const openai = new OpenAI();
// Tag any call with the agent that made it — one line, no closure.await
openai.withAgent("support-triage").chat.completions.create({ /* … */ });
On top of attribution there are three controls — the part I'd most like feedback on:
- Budgets. A USD limit scoped to the whole project or a single agent, over a daily or monthly period.
- Alerts. A background worker sums spend per period and fires at a % threshold to Slack, email, or a generic JSON webhook. (Email comes from our own sender; nothing to set up.) before a wrapped call hits OpenAI, the SDK checks current spend against the cap and, if breached, throws BudgetExceededError — the provider sees zero traffic. It's opt-in on both ends (an operator flags the budget as a hard cap; the dev passes { budget: { hardCap: true } }), and you pick onBreach: "throw" vs "warn". Spend state reaches the SDK via a server-sent-events push on breach, plus a ~60s poll backstop.
Honest caveat, since this sub will ask: because enforcement is client-side and eventually-consistent, it's a near-real-time guardrail, not a transactional ceiling a burst of concurrent calls right at the limit can slip slightly over before the breach propagates. The tradeoff buys you no proxy in the hot path. A gateway can block to the cent, but only by sitting in your request path.
Disclosure: I built this (spaturzu), solo. It's in beta with a free tier; the SDKs (Node + Python) are open source, MIT.
What I'm actually curious about:
- If you run several agents on one key, how do you attribute + cap spend today: separate keys per workload, parsing the usage export, a gateway, or just eating it?
- For hard limits specifically: is client-side enforcement (no proxy, small race window) good enough for you, or do you want a proxy that blocks to the cent and will accept the latency/content tradeoff to get it?