What Counts as Abuse
For an AI API, abuse isn’t just “high usage.” It’s behavioral patterns that indicate misuse:- Mass reselling traffic through a single key
- Sudden massive spikes in token consumption
- High concurrency from a low-age account
- 24/7 maxed-out throughput usage
- Unusual token patterns (e.g., huge context windows on every request)
Dynamic Percentile Thresholds
Instead of hard-coding a flat token limit, ShuttleAI uses a dynamic percentile system that scales with real usage across each plan tier. This means the threshold naturally adjusts as the platform grows — no manual tuning required.Percentiles are computed per tier. Free users do not affect Premium thresholds, and Premium users do not affect Scale thresholds. Full tier isolation is enforced.
Abuse Score
Every ShuttleAI account has an abuse score from 0 to 100, visible in your dashboard. It represents how much of your plan’s monthly budget you’ve consumed.- Score resets on the 1st of each month
- The score is calculated as a percentage of your plan’s monthly unit budget
- You can check your current score anytime via the dashboard
It’s not just how high your score gets — it’s how fast. A score of 25 reached gradually over a month is normal. A score of 25 reached in a few hours raises flags.
Concurrency & Rate Limits
Tokens alone don’t tell the full story. We also enforce concurrency and rate limits per tier:| Plan | Concurrent Requests | RPM Cap | TPM Cap |
|---|---|---|---|
| Free | 2 | Low | Low |
| Basic | 5 | Moderate | Moderate |
| Premium | 15 | High | High |
| Scale | Custom | Custom | Custom |
- Requests per minute (RPM)
- Parallel / concurrent requests
- Burst usage patterns
- Model mix usage
Reselling & Proxy Detection
Reselling ShuttleAI access is the single biggest abuse risk. Someone buying a Premium plan and reselling GPT-5.2 access at a markup undermines the entire platform.Enforcement Thresholds
ShuttleAI uses your abuse score and the rate of increase to determine enforcement actions.~25% — Review Inquiry
- If reached in a short amount of time, you may receive an email asking about your use case
- No action taken — just a check-in
Reaching 100% doesn’t mean you’re banned — it means your key is paused until a human can review your account. Most cases are resolved quickly.
Rarely does anyone exceed 50%. If you’re hitting these thresholds, it’s likely a misconfiguration or runaway process — reach out on Discord and we’ll help.
Transparency Policy
We believe in being transparent about what we protect against, without giving abusers a roadmap.Published (this page)
- Safe floor numbers per plan
- General abuse policy and enforcement steps
- Types of behavior we monitor
Not Published
- Exact percentile formula
- Exact unit costs per model
Summary
| Allowed | Not Allowed |
|---|---|
| Using the API in your own app | Reselling API access to others |
| Building tools for personal use | Offering a proxy / wrapper API |
| Moderate, direct application traffic | Excessive or redistributed traffic |
| Using a normal amount | 24/7 maxed-out bot-like usage |
| Upgrading your plan to lower your abuse score | Staying on a low tier and hammering the API |
Questions about a specific use case? Reach out on Discord and we’ll help you figure out if it fits.