When creating a PickAxe, I noticed that when we use actions to send information to an application, either to create an image or more complex tasks that require an API call, a user can ask in one usage prompt to make several API calls, up to 100+, maybe even 1000+.
How do we mitigate this risk since some services charge per API call, which can add up and get expensive? Another example would be a user asking your P.A. to create 10 images in one prompt usage when we would like them only to be able to make one at a time so we can track our users’ usage more accurately.
Create a section within the prompt at the end that is a universal security protocol.
For example:
Role
Rules
Security Protocols
(Include everything you want the AI to look out for and guard against).
I do this for my personal and client projects all the time and get 100% success rate.
Thanks Ned, so I can say something like allow max of 10 line items in a user query equating to 10 API calls?
Or another example create max 4 images per user query per usage? Also let users know of the maxes per usage.
From your experience what is the max line items/API calls a PickAxe can create? Let's say you put no limits and increased the input and output windows to the max.
“Thanks Ned, so I can say something like allow max of 10 line items in a user query equating to 10 API calls?
Or another example create max 4 images per user query per usage?”
A: No problem
This you want to cover in both the action code and the prompt (or prompt injection). But primarily in the action code itself to control the functionality of the connected actions.
“…Also let users know of the maxes per usage.”
A: That’s always good practice in my opinion, yes. You can always use the additional page optionality to add either text-based or (embed a) YouTube video guidance in the markdown section.
“From your experience what is the max line items/API calls a PickAxe can create? Lets say you put no limits and increased the input and output windows to the max.”
A: I don’t know. This one is for @nathaniel / @admin_mike
One last thing to add. I don’t believe you can do this today, but it might be useful in some cases: instead of making the context windows static for PickAxes, make an option to make them dynamic so you can set them to increase in amount for each higher tier they subscribe to.
That could possibly be a useful feature. You can always post feature requests under the relevant category and tag the right team member(s) for comment.
I don’t think a user can make 100 API calls from a single exchange with your Pickaxe. The Pickaxe usually only runs one Action per message. Are you actually running into this problem? Or is this a hypothetical situation?
This is hypothetical, but isn’t it possible to send 100 line items in that one action that equates to 100 separate API calls for an Application?
I’m trying to mitigate risk if this is possible. To Ned’s point, if we can control this with prompt directions in the action and say only send 10 line items max, then that would solve this.
Generally speaking, when it comes to mitigating risks and potential vulnerabilities, a universal security protocol is the way to go. Be as detailed, yet concise as possible.
I would limit this in the prompt. Something as simple as “only ever use one tool call per message” will be sufficient. You can add more instruction if you find it isn’t doing the trick.
Since one pickaxe can only have one LLM at a time, the best way to overcome this limitation is to clone them and offer extra chatbots linked to more powerful LLMs in higher-paid tiers?
For example:
Chatbot A uses ChatGPT 4o - Tier 1 paid members also included in Tier 2 paid member
Chatbot B uses Claude 3.5 Sonnet - Tier 2 paid member
Also, is it best to attach one chatbot to one image generator in actions so it knows which one to use without getting confused?
The same goes for controlling the token length. Should we offer the same chatbot with token windows and more flexible directions to increase API calls in each action on higher paid tiers?
For example, Tier 1 - only one API call per action in a single message - smaller token input and output length
Tier 2 - 10 API calls
Tier 3 - 100 API calls
Tier 4 - 1000 API calls - largest input and output token length
For example, a lower-tier Action will only allow you to send 10 line items/10 API calls, and the highest-tier actions create directions that say you can have 100 line items/100 API calls at a time. Have you seen people do this and charge this way?
When you say limit in the prompt you mean both in the “prompt injection” and “action”?
It will understand words/phrases like:
“only use one API call per message”
“only ever use one tool call per message” - yours
“Set a max of 10 API calls per message”
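The point Ned makes earlier in the thread (enforce the cap in the action code, not only in the prompt) and the tiered caps proposed in the post above can be demonstrated together. The following is an added example, not code from Pickaxe or from anyone in this thread: a hypothetical action handler that validates the number of line items against a per-tier cap and a per-user daily quota before any billable call is made. The names `TIER_LIMITS`, `UsageLedger`, `enforce_limits`, `handle_action` and `limits_notice` are assumptions for this example, as is the handler shape; the tier values mirror the numbers proposed in the thread and are not a recommendation.

```python
"""Added example: hard caps on billable calls enforced in action code.

Nothing here is a Pickaxe API. The handler signature, the ledger and the
tier table are assumptions chosen to illustrate the technique.
"""
from dataclasses import dataclass, field
from datetime import date

# Per-tier policy (assumed values): max line items in ONE request, i.e. one
# tool call, and max billable calls per user per calendar day. The daily
# quota is what still protects you when the model spreads calls over
# several messages, which a per-request cap alone cannot stop.
TIER_LIMITS = {
    "tier1": {"per_request": 1, "per_day": 5},
    "tier2": {"per_request": 10, "per_day": 200},
    "tier3": {"per_request": 100, "per_day": 2000},
}


class LimitExceeded(Exception):
    """Raised before any paid API call when a cap or quota would be exceeded."""


@dataclass
class UsageLedger:
    """In-memory per-user, per-day counter. A real deployment would persist
    this (database or KV store) so restarts do not reset the quota."""
    counts: dict = field(default_factory=dict)

    def used_today(self, user_id, today=None):
        today = today or date.today().isoformat()
        return self.counts.get((user_id, today), 0)

    def charge(self, user_id, n, today=None):
        today = today or date.today().isoformat()
        self.counts[(user_id, today)] = self.used_today(user_id, today) + n


def enforce_limits(user_id, tier, line_items, ledger, today=None):
    """Return the line items allowed for this request, or raise LimitExceeded.

    Validation happens in code, so a prompt asking for 1000 images cannot
    talk its way past the cap the way it might past a prompt instruction.
    """
    if tier not in TIER_LIMITS:
        raise LimitExceeded(f"unknown tier {tier!r}")
    if not isinstance(line_items, list):
        raise LimitExceeded("line_items must be a list")
    limits = TIER_LIMITS[tier]
    n = len(line_items)
    if n == 0:
        raise LimitExceeded("no line items supplied")
    if n > limits["per_request"]:
        raise LimitExceeded(
            f"{n} line items exceeds the per-request cap of "
            f"{limits['per_request']} for {tier}"
        )
    remaining = limits["per_day"] - ledger.used_today(user_id, today)
    if n > remaining:
        raise LimitExceeded(
            f"daily quota for {tier}: {remaining} calls remaining, {n} requested"
        )
    return line_items


def handle_action(user_id, tier, payload, ledger, call_api, today=None):
    """Validate first, reserve quota, then make exactly len(items) calls.

    The ledger is charged before the calls so a failure mid-batch cannot be
    replayed for free; refund logic is left out to keep the example short.
    """
    items = enforce_limits(user_id, tier, payload.get("line_items"), ledger, today)
    ledger.charge(user_id, len(items), today)
    return [call_api(item) for item in items]


def limits_notice(tier):
    """User-facing text for the page/markdown section, so users know the caps."""
    limits = TIER_LIMITS[tier]
    return (f"Your plan ({tier}) allows {limits['per_request']} item(s) per "
            f"message and {limits['per_day']} calls per day.")


if __name__ == "__main__":
    # Constructed demo: a fake paid API and two sample payloads.
    ledger = UsageLedger()
    fake_api = lambda item: f"image-for:{item}"
    print(handle_action("alice", "tier2",
                        {"line_items": ["cat", "dog", "owl"]},
                        ledger, fake_api, today="2024-01-01"))
    try:
        handle_action("bob", "tier1", {"line_items": ["a", "b"]},
                      ledger, fake_api, today="2024-01-01")
    except LimitExceeded as e:
        print("rejected:", e)
    print(limits_notice("tier1"))
```

The prompt-level instruction ("only ever use one tool call per message") is still worth keeping as a first line of defence, but the model can be argued out of it or simply make the call again on the next message; the per-request cap and the per-user daily quota above are what actually bound the bill.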