Agent pushed me into extreme and unintended API charges

Hey all,

Thought this deserved its own topic. I just wanted to share a heads-up for anyone experimenting with external APIs. While building an app as a learning project (a few hours of dev time, nowhere near production), the agent recommended I use an external API and then suggested I switch from the Test environment to the Production environment “for better results.”

I followed that guidance as carefully as I could, but the agent hit a loop of errors and ended up generating a crazy amount of API calls, most of them failed requests. Because it was running against Production instead of Test, that racked up about $2,000 in charges on the API I connected to.

To be clear:

  • My app was never deployed, just basic testing.

  • The Agent’s cost estimate was way off.

  • There were no warnings before the charges piled up.

I reached out to support about this, but mainly I want to flag this for other learners: be very careful when the agent recommends switching to production APIs. Without safeguards, you can get hit with extreme costs fast.

Hope this saves someone else the headache.

Great post.

Sandbox as much as possible, and build in safeguards and rate limiting; a notification system is a bonus.

This assumes a level of API and systems knowledge that most learners simply don’t have.

If you’re using Replit as a platform to learn to code, you’re naturally going to trust the Agent’s recommendation, especially when it suggests leaving the sandbox to use a “production” API for better results. There’s an implicit assumption that the system is guiding you safely.

Of course, users share some responsibility, but it’s incredibly risky and misleading for the platform to encourage actions that can result in real financial harm without clear warnings or safeguards. That kind of guidance erodes trust and creates a dangerous learning environment.

What assumes a level of API and systems knowledge?

I assume you mean that users should build safeguards and rate limiting into their applications with the purpose of preventing being over-charged for API usage. This isn’t something that someone who is unfamiliar with programming and API usage has the foresight to do.

In my case, the API being used has virtually no ceiling on the number of calls you can make, no warning or notifications when exceeding certain limits, and no warnings or triggers for unusual API access (Replit Agent spamming the endpoint tens of thousands of times erroneously). The cost scaled with usage, but between the API and Replit, it was very unclear how many calls were being made or even possible given the app architecture, and how much it could potentially cost to build and run (outside of Replit’s billing system).

Furthermore, it falsely led me to believe that usage for a single person would be negligible and would not incur significant expense unless heavily accessed by multiple users. In this case, Replit took on the role of thousands of users, and autonomously spammed the endpoint in error without warnings. The fact that it is even remotely possible to rack up this number of charges within a few days on a non-production application, should absolutely warrant some kind of warning system when connected with external APIs.

Perhaps this topic should be moved to the Agent section now that I think about it.

What API were you tapping in to?

Amadeus for Developers. A travel data API. It was recommended by Agent as the best option for my application and to leverage the production environment for “best results” while testing.

Surely it wasn’t able to switch to production mode via agent, and required additional keys from Amadeus interface, yeah?

In any case, sorry it happened to you. APIs can be dangerous, and AI is undoubtedly capable of giving bad advice.

Yes, it needed keys to set up initially. I did this to test whether the sandbox environment was limiting data and ultimately preventing my app from functioning properly. It was connected to both the sandbox and the production endpoints but kept insisting to use the production environment when running into issues.

In many cases, Agent mentioned it was using the test endpoint but was actually using production and vice versa. It took extensive testing to even sort out that it was using the production endpoint significantly and at exorbitant cost. By the time I was aware of this, nearly 90K calls had been completed on production. No warnings, no usage alerts.

The lack of transparency and more extensive guardrails is alarming and I, along with many others, seem to be guinea pigs in a wild experiment where all the edge-cases haven’t been accounted for. The combination of these incredibly powerful tools has the potential to cause some real damage.

Well, tbh, the usage alerts should have come from the API provider, not Replit. Replit Agent has no idea what your usage limits or costs will be with an API; it’s just trying to solve the application problem.

I get the frustration, but it’s really the fault of the API provider not providing stern enough warnings on their end, as they’re ultimately the ones that stuck you with the bill. Replit was simply doing what you told it to do, aside from the questionable advice from the AI.

A more elegant way to educate users is needed, but whose responsibility that is remains unclear to me.

Right. And I’ve reached out to the API provider who so far seem undetermined to investigate or even entertain a potential issue or solution. Quite literally a shoulder shrug via email from them and Replit.

What’s even scarier is that had I not checked API usage, I could have potentially racked up tens of thousands of dollars of charges… for literally a learning project.

That’s a painful lesson. The agent pushing you to production without guardrails is exactly the kind of thing that makes people hesitant to trust AI platforms for anything beyond initial scaffolding.

One pattern that helps: use the AI agent for your core app logic, but for features that involve external API calls or complex integrations, swap in pre-built components that have their own infrastructure and rate limiting. That way the agent can’t accidentally run up costs by looping on API calls.

Did the external API have any rate limiting on their end, or was it just completely open?

Completely open and unlimited. They start you with a free quota, but once you’ve hit that it transitions to pay as you go. Problem is, there was no notification that free quota had been used (which apparently happened very quickly). No way to rate-limit with their system that is obvious. If you run into any kind of loop or bug (as I did), it can very quickly spiral out of control. Not ideal for beginners or anyone trying to learn really.

This is what I meant earlier about building guardrails into your own code to limit/monitor/alert.

Well it looks like Amadeus did not charge me OR the payment hasn’t posted yet because I haven’t seen a bill so far. This is after sending thorough messages to support, though whoever responds to their support emails said it wasn’t possible to refund or waive the charges, so that’s strange. Someone who knows something must have seen the ticket and did something about it.

Thank you for sharing and sorry this happened to you. I know it probably doesn’t make it feel any better, but you will save people in the community who have read this in the future. I spent tonight reviewing all 3rd party APIs and built limiting into them. Could have been any of us and that’s a tough lesson :frowning:
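As an added example (not code from this thread, from Replit, or from Amadeus), here is one way to put the guardrails that several replies mention (safeguards, rate limiting, notifications, and limiting built into your own 3rd-party API calls) into the app itself: a client wrapper that blocks the production environment unless a human explicitly allows it, caps total calls, opens a circuit breaker after a run of failed requests so an error loop stops early, and fires an alert at 80% of the budget. The base URLs, the `/search` path and the `transport` function are placeholders, not the real provider's endpoints.

```python
from dataclasses import dataclass
from typing import Callable
# Placeholder base URLs (constructed, not the real provider's endpoints).
ENVIRONMENTS = {"test": "https://test.example.invalid/v1",
                "production": "https://api.example.invalid/v1"}
class BudgetExceeded(RuntimeError): pass  # a guardrail tripped: stop, do not retry
@dataclass
class GuardedClient:
    # Wraps an HTTP transport with an environment lock, a call budget, a failure breaker and alerts.
    transport: Callable[[str], int]     # url -> HTTP status; injected so the example runs offline
    env: str = "test"
    allow_production: bool = False      # flipped deliberately by a human, never by an agent default
    max_calls: int = 500                # hard ceiling for the whole session
    max_consecutive_failures: int = 5   # a retry loop of failed requests trips this quickly
    alert: Callable[[str], None] = print
    calls: int = 0
    failures_in_a_row: int = 0
    alerted_80pct: bool = False
    def __post_init__(self) -> None:
        if self.env == "production" and not self.allow_production:
            raise BudgetExceeded("production endpoint blocked: allow_production is False")
    def call(self, path: str) -> int:
        if self.calls >= self.max_calls:
            raise BudgetExceeded(f"call budget of {self.max_calls} exhausted")
        if self.failures_in_a_row >= self.max_consecutive_failures:
            raise BudgetExceeded("circuit open: too many consecutive failed requests")
        self.calls += 1
        if not self.alerted_80pct and self.calls >= 0.8 * self.max_calls:
            self.alerted_80pct = True
            self.alert(f"ALERT: {self.calls}/{self.max_calls} calls used on {self.env}")
        status = self.transport(f"{ENVIRONMENTS[self.env]}{path}")
        self.failures_in_a_row = self.failures_in_a_row + 1 if status >= 400 else 0
        return status

def production_is_blocked_by_default() -> bool:
    try:
        GuardedClient(transport=lambda url: 200, env="production")
    except BudgetExceeded:
        return True
    return False

def run_error_loop(max_attempts: int = 100_000) -> tuple[int, str]:
    # Constructed scenario: a buggy loop retrying a request that always returns 400.
    client = GuardedClient(transport=lambda url: 400, alert=lambda msg: None)
    try:
        for _ in range(max_attempts):
            client.call("/search")
    except BudgetExceeded as exc:
        return client.calls, str(exc)
    return client.calls, "loop finished"
```

The failing loop is cut off after 5 calls instead of 100,000, and the environment lock means an agent cannot quietly move you from test to production by editing a string.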