Skip to content

Cloudflare AI cost coverage + kill-switch safety fixes (Divinci feedback)#29

Merged
mikeumus merged 4 commits into
mainfrom
feat/cf-ai-coverage-and-kill-safety
Jun 17, 2026
Merged

Cloudflare AI cost coverage + kill-switch safety fixes (Divinci feedback)#29
mikeumus merged 4 commits into
mainfrom
feat/cf-ai-coverage-and-kill-safety

Conversation

@mikeumus

Copy link
Copy Markdown
Contributor

Implements the findings from FEEDBACK-from-divinci-deployment.md (a fork of kill-switch-cf run in production against a busy Cloudflare + GCP account).

Self-hosted worker — packages/kill-switch-cf (full backport)

Managed engine — packages/api (mirrored #1/#2/#9 — the product-wide gap)

  • queryAIUsage + queryAIGatewayUsage in the Cloudflare checker.
  • CfGraphQLError classifies errors; auth errors are never swallowed (R2/D1/AI catch blocks rethrow kind==="auth") so a token missing Account Analytics: Read surfaces as a clear lastCheckError.
  • Design note: AI metrics are categorized "load", not "cost", on purpose — there's no CF API to throttle Workers AI per-model or cap AI Gateway upstream spend, so they stay out of the default autoKillCategories: ["cost"] and are alert-only. executeKillSwitch returns an explicit alert-only no-op for ai/aigw.
  • New aiNeuronsPerDay + aiGatewayCostUSD thresholds + defaults.
  • feat(agent-guard): kill switch for runaway coding agents #4 (6h cooldown) and feat(agent-guard): platform wiring — API endpoint, ks CLI, web dashboard #5 (metric-category gating) already existed in the managed engine.

Deferred

#6/#7 (uniform $/day thresholds + cross-cloud catch-all clarity) — mostly docs/UI; the managed engine already computes estimatedDailyCostUSD per service.

Verification

  • Both packages tsc --noEmit clean.
  • tests/providers/cloudflare.test.ts: +4 cases, 44 pass; full provider suite 384 pass.

Deploy notes

  • The worker needs the ALERT_STATE KV namespace created and ADMIN_SECRET set, or /check, /usage, /restore, /test-alert will (now intentionally) refuse.
  • New token scope: Zone > Workers Routes > Edit for route removal.

🤖 Generated with Claude Code

mikeumus and others added 4 commits June 14, 2026 00:21
…tter spacing

- Hero: replace the Get Started / See How It Works buttons with the
  full-width `npx @kill-switch/agent-guard usage` terminal bar.
- Dock that same bar fixed to the bottom once you scroll past the hero;
  it fades out at the footer so the copyright/Privacy/Terms links stay
  readable (IntersectionObserver on the hero bar + footer copyright).
- Drop the now-redundant npx bar from the "real Claude Code limits"
  section.
- Re-center the Horror Stories newsletter panel (clamp() margins) so it
  no longer crowds the embed wall above it.
- Control room (lab): hero-control-room video as the cinematic backdrop,
  grain/scanline/vignette illustration pass, darker-metallic detailed
  agent, single floating live-gauge monitor.
- Launch blog assets (poster/thumb) + preview-limits page.

site/index.html and site/public/index.html kept byte-identical.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…te removal, fail-closed, restore

Backports the Divinci self-hosted deployment feedback into the open-source worker:

- Workers AI (aiInferenceAdaptiveGroups), AI Gateway (aiGatewayRequestsAdaptiveGroups,
  skips workers-ai provider to avoid double-count), and Vectorize coverage — the
  biggest gap, since LLM inference is invisible to the CF Workers bill.
- DISCONNECT_THRESHOLD_MULTIPLIER (default 10x): alerts fire at 1x, auto-kill only
  above Nx. Fixes the production outage where a $0.23/day voice-agent DO was killed.
- Batched GraphQL (core + extended queries) to dodge the 10429 rate limit.
- Classify auth(10000)/rate-limit(10429) errors and surface analyticsAuth=FAILING +
  a critical alert, instead of silently reading empty (silent-blindness bug).
- KV (ALERT_STATE) webhook alert cooldown via digit-stripped signature; PagerDuty exempt.
- disconnectWorker now removes zone Workers Routes (needs Zone:Read), not just
  workers.dev subdomain + custom domains.
- HTTP endpoints fail CLOSED when ADMIN_SECRET is unset.
- /restore?worker=NAME replays the KV kill snapshot to recover false positives.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
… fix into managed CF checker

The managed monitoring engine had the same LLM-cost blind spot as the self-hosted
worker. Mirrors the high-value subset of the Divinci feedback:

- queryAIUsage (aiInferenceAdaptiveGroups, $0.011/1k Neurons) and queryAIGatewayUsage
  (aiGatewayRequestsAdaptiveGroups upstream $, skips the workers-ai provider).
- CfGraphQLError classifies auth/rate-limit errors; auth errors are never swallowed
  (R2/D1/AI catch blocks rethrow kind==="auth") so a token missing Account
  Analytics:Read surfaces as a clear lastCheckError instead of a false all-clear.
- AI metrics categorized "load" (not "cost") on purpose: there is no CF API to
  throttle Workers AI per-model or cap AI Gateway upstream spend, so they stay out
  of the default autoKillCategories=["cost"] and are alert-only. executeKillSwitch
  returns an explicit alert-only no-op for ai/aigw service prefixes.
- New aiNeuronsPerDay + aiGatewayCostUSD thresholds and defaults.
- +4 tests (44 pass; full provider suite 384 green).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
… addressed

- CLAUDE.md: add Workers AI / AI Gateway / Vectorize to Cloudflare coverage; note
  Zone > Workers Routes > Edit (route removal) and the analytics-auth surfacing.
- FEEDBACK-from-divinci-deployment.md: status block mapping each item to where it
  landed (kill-switch-cf vs managed api) and what was deferred.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@qodo-code-review

Copy link
Copy Markdown

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

@mikeumus mikeumus merged commit b42df4f into main Jun 17, 2026
@mikeumus mikeumus deleted the feat/cf-ai-coverage-and-kill-safety branch June 17, 2026 11:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant