This page explains how Custom AI Agent tracks usage and how to reduce cost/noise when using cloud backends.
Session statistics include:
input/output character totals,
estimated token usage,
per-backend usage distribution.
Passive scanner flow also records token-aware telemetry to help tune background analysis settings.
Session sidebar summary in the chat panel.
Passive scanner metrics in the scanner settings area.
Audit logs (if enabled) for detailed event-level analysis.
To prevent prompt growth over long sessions:
HTTP
20 messages + 40000 total chars (minimum latest 2 kept)
CLI
10 messages or 20000 total chars
Use these settings in AI Passive Scanner tab:
Rate Limit
Max Size (KB)
Req body chars (AI) / Resp body chars (AI)
Max headers / Max params
Endpoint dedup (min) / Response dedup (min)
Prompt cache TTL (min)
Manual context JSON (compact)
Keep Scope Only ON.
Start with defaults.
If cost is high, reduce response body cap first.
Then reduce headers/params and max size.
Increase dedup/cache windows for repetitive traffic.
For high-volume targets, increase Rate Limit.
Character counts are estimates, not provider-billed exact tokens.
Different providers tokenize text differently.
Use your provider billing dashboard for final spend validation.
When a backend response includes official token counts (e.g., usage.prompt_tokens/usage.completion_tokens on OpenAI-compatible providers), the logger records them verbatim. When token counts are not surfaced by the backend, the extension estimates them by dividing character count by a per-backend calibration factor:
OpenAI-compatible, NVIDIA NIM
3.6
Ollama, LM Studio
3.8
Claude CLI
3.5
Gemini CLI
3.7
Others (Codex, Copilot, OpenCode, Burp AI)
4.0
The factors are empirical defaults that match common tokenizer behavior — cross-check against your provider's billing dashboard before relying on estimates for budget decisions. When both provider-reported and estimated values exist in the same session, the logger prefers the reported value.
Last updated