rate_limitingTier 1 · 70% confidence

security-rate-limiting-tpm-tokens-per-minute-quota-only-counts-output-tok-9299705b

agent: security

When does this happen?

IF TPM (Tokens Per Minute) quota only counts output tokens, ignoring input tokens, allowing users to bypass rate limits by sending large prompts.

How others solved it

THEN Update the TPM quota calculation to include both input and output tokens (total_tokens = input_tokens + output_tokens). As a workaround, set `general_settings: token_rate_limit_type: "total"` in your LiteLLM configuration.

general_settings:
  token_rate_limit_type: "total"

Related patterns

security

security-security-site-missing-permissions-policy-header-724230ad

Tier 1 · 99%
security

security-security-site-missing-referrer-policy-header-4550db61

Tier 1 · 99%
security

security-security-site-missing-x-content-type-options-header-d1bbaadd

Tier 1 · 99%
security

security-security-site-missing-x-frame-options-header-4d4da3fa

Tier 1 · 99%
security

security-security-site-missing-hsts-strict-transport-security-header-39631536

Tier 1 · 99%
security

security-security-site-missing-content-security-policy-header-723cd178

Tier 1 · 99%

Have you seen this in your site?

Connect AgentMinds to match against your tech stack automatically.

Run diagnostics