
feat: add Upstash rate limiting + per-user tool-call cap#33

Open
Shubham Kumar (shubhamkr790) wants to merge 1 commit into
ComposioHQ:mainfrom
shubhamkr790:feat/upstash-rate-limit-and-tool-cap

Conversation

@shubhamkr790


What

Adds two server-side guards that the README explicitly calls out as missing (lines 124–131):

  1. Sliding-window rate limiter on /api/chat — 20 requests / 60 s per user (configurable).
  2. Monthly per-user tool-call cap — 1 000 tool calls / month, enforced before the agent runs and tracked via Redis counters that auto-expire.

Both are opt-in: if UPSTASH_REDIS_REST_URL and UPSTASH_REDIS_REST_TOKEN are not set, everything passes through and existing deployments are unaffected.

Why this matters

Security note: Without rate limiting, any authenticated user on a public TrustClaw instance can trigger unlimited Composio tool executions and AI Gateway calls, burning through the host's API credits with no guardrail. This is the exact scenario the README warns about. The sliding-window limiter stops burst abuse, and the monthly cap puts a hard ceiling on per-user resource consumption — both essential before opening signups beyond a trusted circle.

How it works

| Layer | Where | Default | Response |
| --- | --- | --- | --- |
| Rate limit | route.ts POST handler | 20 req / 60 s | 429 + Retry-After header |
| Tool-call cap (check) | route.ts POST handler | 1 000 / month | 403 with message |
| Tool-call cap (increment) | setup.ts onFinish | | fire-and-forget after agent run |
  • Redis key for the cap is trustclaw:toolcap:{userId}:{YYYY-MM} — new month = new key, old ones self-clean after 35 days.
  • All config is via env vars (RATE_LIMIT_CHAT_REQUESTS, RATE_LIMIT_CHAT_WINDOW, MONTHLY_TOOL_CALL_CAP).

Changed files

  • src/server/clients/ratelimit.ts — new module: Upstash Redis client, rate limiter, cap check/increment
  • src/app/api/chat/route.ts — rate limit + cap enforcement before agent execution
  • src/server/api/routers/trustclaw/agent/setup.ts — tool-call count increment in onFinish
  • .env.example — documents new env vars
  • package.json — adds @upstash/ratelimit, @upstash/redis

New dependencies

Testing

  • TypeScript passes (tsc --noEmit — only pre-existing Prisma-generation errors remain).
  • Without Upstash env vars: all guards return allow, zero behavior change.

- Sliding-window rate limiter on /api/chat (20 req/60s default)
- Monthly per-user tool-call cap enforced server-side (1000/month default)
- Both opt-in via UPSTASH_REDIS_REST_URL/TOKEN env vars
- Rate limit returns 429 with Retry-After header
- Tool-call cap returns 403 when exhausted, auto-resets monthly
- Counter keys auto-expire after 35 days (self-cleaning)
- Zero impact on existing deployments without Upstash configured

New dependencies: @upstash/ratelimit, @upstash/redis

Addresses the security gap documented in README (lines 124-131).
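The two guards as the PR description lays them out, modelled as an added TypeScript example that is not the PR's or TrustClaw's code: the Upstash/Redis store is replaced by in-memory Maps so it runs offline, the sliding window is a plain timestamp log rather than Upstash's algorithm, and the `Guards` class, its method names and the assumption that `RATE_LIMIT_CHAT_WINDOW` is expressed in seconds are mine. The key layout (`trustclaw:toolcap:{userId}:{YYYY-MM}`), the 35-day expiry, the defaults, the 429/403 status codes and the opt-in pass-through when the `UPSTASH_*` variables are absent follow the PR text.

```typescript
// Added example (not the PR's code): in-memory model of the PR's two guards.
// Redis is replaced by Maps; function names and the seconds unit for
// RATE_LIMIT_CHAT_WINDOW are assumptions, everything else follows the PR text.

export interface GuardConfig {
  enabled: boolean;        // false when the UPSTASH_* env vars are absent -> pass-through
  chatRequests: number;    // RATE_LIMIT_CHAT_REQUESTS (default 20)
  chatWindowMs: number;    // RATE_LIMIT_CHAT_WINDOW, assumed to be seconds (default 60 s)
  monthlyToolCap: number;  // MONTHLY_TOOL_CALL_CAP (default 1000)
}

export function configFromEnv(env: Record<string, string | undefined>): GuardConfig {
  return {
    enabled: Boolean(env.UPSTASH_REDIS_REST_URL && env.UPSTASH_REDIS_REST_TOKEN),
    chatRequests: Number(env.RATE_LIMIT_CHAT_REQUESTS ?? 20),
    chatWindowMs: Number(env.RATE_LIMIT_CHAT_WINDOW ?? 60) * 1000,
    monthlyToolCap: Number(env.MONTHLY_TOOL_CALL_CAP ?? 1000),
  };
}

export interface GuardResult {
  status: 200 | 403 | 429;
  retryAfterSec?: number;  // set only on 429; becomes the Retry-After header value
  message?: string;
}

const TOOLCAP_TTL_MS = 35 * 24 * 60 * 60 * 1000; // PR: counter keys self-expire after 35 days

export class Guards {
  private cfg: GuardConfig;
  private now: () => number;
  private windows = new Map<string, number[]>();                          // userId -> hit timestamps
  private counters = new Map<string, { n: number; expiresAt: number }>(); // toolcap key -> counter

  constructor(cfg: GuardConfig, now: () => number = Date.now) {
    this.cfg = cfg;
    this.now = now;
  }

  // Redis key from the PR: trustclaw:toolcap:{userId}:{YYYY-MM}; a new month is a new key.
  toolCapKey(userId: string): string {
    const d = new Date(this.now());
    const ym = `${d.getUTCFullYear()}-${String(d.getUTCMonth() + 1).padStart(2, "0")}`;
    return `trustclaw:toolcap:${userId}:${ym}`;
  }

  // Sliding window: keep only hits inside the window, reject when it is full.
  checkRateLimit(userId: string): GuardResult {
    if (!this.cfg.enabled) return { status: 200 };
    const t = this.now();
    const hits = (this.windows.get(userId) ?? []).filter(ts => ts > t - this.cfg.chatWindowMs);
    if (hits.length >= this.cfg.chatRequests) {
      this.windows.set(userId, hits);
      // The oldest hit still in the window is the first one to age out.
      const retryAfterSec = Math.ceil((hits[0] + this.cfg.chatWindowMs - t) / 1000);
      return { status: 429, retryAfterSec, message: "rate limit exceeded" };
    }
    hits.push(t);
    this.windows.set(userId, hits);
    return { status: 200 };
  }

  // Read-only check run before the agent starts (PR: 403 once the cap is exhausted).
  checkToolCap(userId: string): GuardResult {
    if (!this.cfg.enabled) return { status: 200 };
    if (this.toolCallsThisMonth(userId) >= this.cfg.monthlyToolCap) {
      return { status: 403, message: "monthly tool-call cap exhausted" };
    }
    return { status: 200 };
  }

  // INCR plus expiry on a fresh key: what the onFinish increment does after the run.
  incrementToolCalls(userId: string, calls: number = 1): number {
    if (!this.cfg.enabled) return 0;
    const key = this.toolCapKey(userId);
    const t = this.now();
    const cur = this.counters.get(key);
    if (!cur || cur.expiresAt <= t) {
      this.counters.set(key, { n: calls, expiresAt: t + TOOLCAP_TTL_MS });
      return calls;
    }
    cur.n += calls;
    return cur.n;
  }

  toolCallsThisMonth(userId: string): number {
    const cur = this.counters.get(this.toolCapKey(userId));
    return cur && cur.expiresAt > this.now() ? cur.n : 0;
  }
}

// Order mirrors the PR's POST handler: rate limit first, then cap, then the agent would run.
export function guardChatRequest(g: Guards, userId: string): GuardResult {
  const rl = g.checkRateLimit(userId);
  if (rl.status !== 200) return rl;
  return g.checkToolCap(userId);
}
```

One property of the described design is visible in the model: the cap is checked before the agent runs and incremented only after it finishes, so several requests in flight at once can all pass the check and carry the counter past the cap by the number of concurrent runs. That is a bounded overshoot rather than a bypass, but anyone relying on the 1 000/month figure as a hard billing ceiling should size it with that margin in mind.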
@socket-security


Review the following changes in direct dependencies. Learn more about Socket for GitHub.

| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
| --- | --- | --- | --- | --- | --- | --- |
| Added | @upstash/redis@1.38.0 | 98 | 100 | 100 | 100 | 100 |
| Added | @upstash/ratelimit@2.0.8 | 99 | 100 | 100 | 100 | 100 |

