Token-expensive prompts, large-document chunking, or poorly throttled agentic loops can drive excessive model and tool invocations, exhausting token budgets, triggering throttling, or inflating costs beyond what capacity planning anticipated.
Denial of Wallet via token-expensive or unthrottled agentic calls
CCC.MARefArc.TH08
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CP16 | Model-interaction zero-trust guardrails | Enforces authentication and authorization for every inference request and applies input validation against prompt injection, output filtering and redaction, access control, rate limits, and cost management before and after model execution. |
| CCC.MARefArc.CP06 | Agent collaboration and orchestration patterns | Supports supervisor/worker decomposition, skills-based routing, and agent-as-a-tool handoff for decomposing and executing complex tasks across multiple agents. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CN02 | User, Application, and Model Firewalling | Establish enforced trust boundaries between the user, the application, and the models and tools by routing all traffic through the agent, LLM, and MCP gateways where guardrails inspect and constrain requests and responses. |
| CCC.MARefArc.CN06 | Quality of Service and DDoS Prevention | Protect model and tool availability by enforcing quality-of-service controls, rate limits, and abuse and DDoS mitigation at the gateways. |
| CCC.MARefArc.CN10 | AI Firewall Implementation and Management | Implement and operate an AI firewall within the guardrail components that inspects prompts, content, and responses for injection, sensitive data, and policy violations. |
| CCC.MARefArc.CN17 | AI System Observability | Instrument every layer to emit logs, traces, metrics, and events to the Observability Layer so that behaviour, drift, availability, and data handling are continuously visible and auditable. |
| CCC.MARefArc.CN18 | AI System Alerting and Denial of Wallet Monitoring | Monitor spend and usage of models and tools, and alert on anomalous consumption indicative of Denial of Wallet or runaway agentic loops. |
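
The rate-limit and spend-monitoring controls listed above could be approximated at the application level with a per-session budget guard. The following is a minimal sketch, not a prescribed implementation: `SessionBudget`, `BudgetExceeded`, `run_agent_loop`, the `alert_ratio` default, and the caller-supplied `estimate_tokens` and `call_model` functions are all hypothetical names introduced for illustration. It assumes the caller can estimate token usage before each call and that a gateway would enforce equivalent limits centrally.

```python
from dataclasses import dataclass


class BudgetExceeded(RuntimeError):
    """Raised when a call would exceed the session's token or step allowance."""


@dataclass
class SessionBudget:
    max_tokens: int            # hypothetical per-session token ceiling
    max_steps: int             # hypothetical cap on agent loop iterations
    alert_ratio: float = 0.8   # assumed fraction of max_tokens that triggers an alert
    used_tokens: int = 0
    steps: int = 0

    def charge(self, tokens: int) -> bool:
        """Record one model or tool call.

        Returns True once cumulative usage reaches the alert ratio.
        Raises BudgetExceeded before recording a call that would break a limit.
        """
        if tokens < 0:
            raise ValueError("tokens must be non-negative")
        if self.steps + 1 > self.max_steps:
            raise BudgetExceeded("step limit reached")
        if self.used_tokens + tokens > self.max_tokens:
            raise BudgetExceeded("token budget exhausted")
        self.steps += 1
        self.used_tokens += tokens
        return self.used_tokens >= self.alert_ratio * self.max_tokens


def run_agent_loop(budget, estimate_tokens, call_model, prompts):
    """Call call_model for each prompt until the budget refuses a call."""
    results = []
    for prompt in prompts:
        try:
            near_limit = budget.charge(estimate_tokens(prompt))
        except BudgetExceeded as exc:
            # Stop the loop instead of letting it run away.
            results.append(f"stopped: {exc}")
            break
        results.append(call_model(prompt))
        if near_limit:
            # Stand-in for emitting a spend alert to the observability layer.
            results.append("alert: usage near budget")
    return results
```

Checking the budget before the call, rather than after, means a refused request consumes no tokens. In a real deployment the alert line would more plausibly be a metric or event than a string in the result list.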
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| air-vec | AIR-OP-007-01 | |