Ask HN: Protecting Against Attacks Triggering Costly Tasks?

How do software companies safeguard against attacks that trigger costly operations like LLM inference through a 3rd party service or generate excessive egress traffic for files housed in S3? I know companies where a malicious actor could in 30 minutes of work and and some proxies spend hundreds of thousands of dollars. In theory, one could devise a sophisticated system to monitor trends and apply automated limits to each expensive task. However, from what I've observed, most seem to rely on a mix of basic account/IP rate limiting and global spending quotas set in cloud or 3rd party API providers. Has anyone encountered such an attack and how was it handled?