{"slug": "lai-130-that-cheap-ai-api-is-probably-stealing-from-you", "title": "LAI #130: That Cheap AI API Is Probably Stealing From You", "summary": "Researchers tested 400 ultra-cheap AI API proxy services offering GPT and Claude access at 90% off, finding that one drained crypto from a wallet while others injected malicious code or stole cloud credentials. The report warns that routing a coding agent through such proxies poses far greater risks than using them for casual chatbot queries.", "body_md": "Good morning, AI enthusiasts!\n\nThere are services offering GPT and Claude API access at 90% off. Researchers tested 400 of them; one drained crypto from a wallet, others injected malicious code or grabbed cloud credentials. This week, I cover how these proxies actually make their money and why the risk is completely different when you’re routing a coding agent through them instead of just chatting. I also cover how to stop treating ChatGPT like a one-off assistant and start building repeatable workflows around your actual work.\n\nInside the issue:\n\nLet’s get into it!\n\nThis week, in What’s AI, I dive into a too good to be true offer I found. There are several ultra-cheap API proxy stations where you can get the GPT or Claude API 90% cheaper. But when researchers tested 400 of these dirt-cheap AI API services, they found that one of them quietly drained crypto from a wallet. Others were injecting malicious code, or reaching for cloud credentials they were never given. In this article, I explain how these proxies make their money, why the model you pay for might not be the model you get, and why dropping one in front of a coding agent is a completely different level of risk than asking a chatbot a random question. [Read the full article here](https://www.louisbouchard.ai/api-proxy/) or [watch the full video on YouTube](https://youtu.be/sMvIMDWVLmQ?ref=louisbouchard.ai).\n\nIf you ask ChatGPT to rewrite emails, summarize documents, brainstorm ideas, or make something sound more professional, you are only scratching the surface.\n\nThat is useful, but it is still only 1% of what ChatGPT can do. Instead of starting from scratch every single time, use Projects to keep your context, files, examples, and instructions in one place. That way, you do not need to explain your work again every time you open a new chat.\n\nHere’s how you can start getting better at AI today: pick one task you do every week, like creating a report, preparing for a meeting, summarizing customer feedback, or planning your priorities. Build a repeatable workflow around it. You can even use ChatGPT Tasks to run recurring prompts, like preparing a weekly briefing or reminding you to review key updates.\n\nThat is how you can start using AI in your actual work.\n\nIf you want more practical tips on how to use AI at work, and not just better prompts, check out our [Master AI for Work](https://academy.towardsai.net/courses/ai-business-professionals?utm_source=Newsletter&utm_medium=email&utm_id=AItips) Course.\n\n*— Louis-François Bouchard, Towards AI Co-founder & Head of Community*\n\n[Exquisite_peacock_20933](https://discord.com/channels/702624558536065165/983037843532308500/1515447786269573130) just released Liodon AI SLM-10M, a 9.97M parameter causal language model trained from scratch. While it is not suitable for open-ended generation, it supports multiple-choice QA, log-likelihood ranking, SLM research, and perplexity evaluation. It was trained on 25B tokens and supports a context length of 1,024 tokens. [Check it out on HuggingFace](https://huggingface.co/liodon-ai/slm-10m) and support a fellow community member. If you have questions or feedback about the model, [share them in the thread](https://discord.com/channels/702624558536065165/983037843532308500/1515447786269573130)!\n\nWe’re exploring a paid Towards AI membership for people learning AI, becoming AI engineers, or already building AI systems. And we want to know what would actually help you enough to use it every month.\n\nMost of you are leaning towards career outcomes: internships on real projects, jobs, gigs, referrals, career help, and portfolio coaching.\n\nFor those who picked internships or jobs: are you actively looking right now, or do you want that option to exist for when you’re ready? That changes what we build first. [Let us know in the thread](https://discord.com/channels/702624558536065165/833660976196354079/1516113941850492968)!\n\nThe Learn AI Together Discord community is flooding with collaboration opportunities. If you are excited to dive into applied AI, want a study partner, or even want to find a partner for your passion project, [join the collaboration channel](https://discord.gg/rj6m9AF7eC)! Keep an eye on this section, too — we share cool opportunities every week!\n\n1. [Lucazsh](https://discord.com/channels/702624558536065165/1516696830191341638/1516696830191341638) is building a social media app for movies and is looking for someone who can help with frontend and app design. If this sounds like your domain, [reach out to them in the thread](https://discord.com/channels/702624558536065165/1516696830191341638/1516696830191341638)!\n\n2. [Mrlucasrib](https://discord.com/channels/702624558536065165/784477688551178240/1515902324852391937) is deeply studying a book on deep learning and needs a partner to discuss ideas in the book and study together. If you want to get into deep learning, [connect with them in the thread](https://discord.com/channels/702624558536065165/784477688551178240/1515902324852391937)!\n\n3. [Vishacoplayz_27974](https://discord.com/channels/702624558536065165/998978160605540454/1516553865552592978) is recruiting founding board members for AIXelerate, a student-led AI nonprofit. If you’re a high school student interested in leadership, AI, marketing, operations, outreach, or event planning, [contact them in the thread](https://discord.com/channels/702624558536065165/998978160605540454/1516553865552592978)!\n\nMeme shared by [drdub_](https://discord.com/channels/702624558536065165/830572933197201459/1515056574509351083)\n\n[Build Your Own Claude Code Using LangChain: A Deep Dive Into LangChain’s Deep Agents](https://pub.towardsai.net/build-your-own-claude-code-using-langchin-a-deepdive-into-langchains-deep-agents-9ef98d98a69a) By[ Sreejith Sreejayan](https://medium.com/@the-sreejith?source=post_page---byline--9ef98d98a69a---------------------------------------)\n\nThe article traces Claude Code’s architecture and rebuilds each piece using LangChain’s deepagents library. The framework centers on a bare agent loop in which the model either calls tools or returns text, naturally scaling from one-turn answers to multi-step refactors. Around that loop, the harness adds planning via to-do lists, filesystem-backed context management, subagent delegation, OS-level sandboxing for safety, and LangGraph checkpointing for persistence. The full working agent assembles in under a hundred lines.\n\n1. [Version-Controlling Your Agents: Deployment, Rollback, and Safe Promotion Patterns](https://pub.towardsai.net/version-controlling-your-agents-deployment-rollback-and-safe-promotion-patterns-6b7107dbe82a) By[ MongoDB](https://medium.com/@MongoDB?source=post_page---byline--6b7107dbe82a---------------------------------------)\n\nCode reviews do not catch how production agents break, and this piece makes a direct case for treating agent configuration with the same discipline applied to software releases. It lays out three failure modes that arise when versioning is absent: live changes without isolation, manual rollback from memory, and silent degradation without an audit trail. It also proposes fixes, such as immutable config snapshots, staged promotion through canary environments, automated release gates, and pinning LLM model versions to prevent silent behavioral drift between provider updates.\n\n2. [Hosting LLM-Generated Dashboards: A Governed Snowflake Architecture](https://pub.towardsai.net/hosting-llm-generated-dashboards-a-governed-snowflake-architecture-2ec8216a8ed9) By[ Mkrishnamallik](https://medium.com/@mkrishnamallik?source=post_page---byline--2ec8216a8ed9---------------------------------------)\n\nGoverning LLM-generated dashboards inside Snowflake demands more than a smart chat connector. The article proposes a three-file contract separating authoring from hosting: an LLM builds the HTML, a thin Streamlit-in-Snowflake shell wraps it with RBAC, a semantic view enforces verified metric definitions, and every chat turn lands in an audit log. CI deploys per-PR previews with a manual prod gate. The architecture treats the semantic layer as the durable unit of trust, not the dashboard itself, which the author argues is now effectively a throwaway artifact.\n\n3. [I Can Compress 1000 Dimensions Into 2 — Here’s What PCA Taught Me](https://pub.towardsai.net/i-can-compress-1000-dimensions-into-2-heres-what-pca-taught-me-f45194b8794b) By[ Anas Razy](https://anasrazy.medium.com/?source=post_page---byline--f45194b8794b---------------------------------------)\n\nPCA cuts through the curse of dimensionality by rotating the coordinate axes to maximize the data’s spread, then projecting everything onto those best-fit directions. The author builds the full intuition from scratch, covering covariance matrices, eigenvectors, eigenvalues, and projection math before implementing a 3D-to-2D reduction in Python using NumPy and Scikit-learn. The piece also explains why libraries prefer SVD over direct eigendecomposition and points to MNIST as a classic test case for visualizing high-dimensional data.\n\n4. [Optimizing Local LLM Inference on Constrained Hardware](https://pub.towardsai.net/optimizing-local-llm-inference-on-constrained-hardware-783a14af365d) By[ Abhinandan Malhotra](https://medium.com/@abhinandanmalhotra?source=post_page---byline--783a14af365d---------------------------------------)\n\nRunning on a 6GB RTX 3050, the author bypassed Ollama’s Go-based wrapper and ran llama.cpp directly, doubling token-generation throughput on an 8B-parameter model. Benchmarks across three models and three prompt scenarios quantified the abstraction tax: wrappers conservatively spill KV cache to system RAM as context grows, tanking performance across the PCIe bus. Key tuning levers included matching CPU threads to physical core count, using symmetric KV cache quantization, maximizing GPU layer offloading, and increasing micro-batch size to accelerate prefill-heavy RAG pipelines.\n\n5. [WebSockets at Scale: What Nobody Tells You About Managing Millions of Connections](https://pub.towardsai.net/websockets-at-scale-what-nobody-tells-you-about-managing-millions-of-connections-1f9263e9a95a?sk=7bb31b1c6c99f8163bcf583fda709d87) By[ Rizwanhoda](https://rizwanhoda.medium.com/?source=post_page---byline--1f9263e9a95a---------------------------------------)\n\nWebSocket connections drain file descriptors, memory, and routing logic in ways most tutorials never address. This piece walks through seven production failure points: OS file descriptor caps that limit connections to 1,024 by default, per-connection memory overhead that scales brutally, cross-server message routing solved via Redis Pub/Sub, the eventually-consistent presence problem, thundering herd reconnection bugs fixed with jittered exponential backoff, sticky session requirements for load balancers, and the monitoring gap WebSockets create. The final architecture stitches all fixes into a predictable, debuggable production system.\n\nIf you are interested in publishing with Towards AI, [check our guidelines and sign up](https://contribute.towardsai.net/). We will publish your work to our network if it meets our editorial policies and standards.\n\n[LAI #130: That Cheap AI API Is Probably Stealing From You](https://pub.towardsai.net/lai-130-that-cheap-ai-api-is-probably-stealing-from-you-c1924bd91b6f) was originally published in [Towards AI](https://pub.towardsai.net) on Medium, where people are continuing the conversation by highlighting and responding to this story.", "url": "https://wpnews.pro/news/lai-130-that-cheap-ai-api-is-probably-stealing-from-you", "canonical_source": "https://pub.towardsai.net/lai-130-that-cheap-ai-api-is-probably-stealing-from-you-c1924bd91b6f?source=rss----98111c9905da---4", "published_at": "2026-06-18 15:01:03+00:00", "updated_at": "2026-06-18 15:32:47.757598+00:00", "lang": "en", "topics": ["ai-safety", "ai-products", "ai-tools", "ai-infrastructure"], "entities": ["GPT", "Claude", "Louis-François Bouchard", "Towards AI", "Liodon AI", "HuggingFace", "Discord"], "alternates": {"html": "https://wpnews.pro/news/lai-130-that-cheap-ai-api-is-probably-stealing-from-you", "markdown": "https://wpnews.pro/news/lai-130-that-cheap-ai-api-is-probably-stealing-from-you.md", "text": "https://wpnews.pro/news/lai-130-that-cheap-ai-api-is-probably-stealing-from-you.txt", "jsonld": "https://wpnews.pro/news/lai-130-that-cheap-ai-api-is-probably-stealing-from-you.jsonld"}}