# LLM Denial of Service

- ID: go-llm-denial-of-service
- Severity: MEDIUM
- CWE: Resource Exhaustion (CWE-400)
- Languages: Go

## Description

Detects AI/LLM API calls lacking token limits or input validation that could enable denial of service.

## Detection Message

LLM API call lacks resource limits

## Remediation

Set MaxTokens to limit response size and validate input length.

```go
resp, _ := client.CreateChatCompletion(ctx, openai.ChatCompletionRequest{
    MaxTokens: 500,
})
```

Learn more: https://shoulder.dev/learn/go/cwe-400/llm-denial-of-service

## Documentation

[object Object]

## Related Rules

- **Missing Request Size Limits** [MEDIUM]: 
- **Denial of Service via Resource Exhaustion** [MEDIUM]: 
- **LLM Denial of Service** [MEDIUM]: 
- **Denial of Service via Unbounded Child Processes** [MEDIUM]: 
- **Missing Resource Limits** [MEDIUM]: