Billing, SCU, And Limits

Understand Security Compute Units, modality billing, included allowance, overage, tier caps, and file limits.

Mighty billing is based on SCU, short for Security Compute Units. SCU measures the amount of security compute used by a scan.

Text is the cheapest path. Image and document work use more compute.

For PDFs, page work and embedded image work are separate. They are added together. A PDF page with embedded images costs more than scanning plain extracted text.

Billing

PDF billing adds page work and embedded image work.

Example PDF1 page4 unique embedded images

Page SCU1 x 2 = 2Page wrapper and text extraction

Image SCU4 x 4 = 16Unique embedded images only

Total18 SCU2 + 16

Embedded images are deduped before billing. Four copies of the same logo count as one unique embedded image.

Text1 SCU per 1,000 tokens

Image4 SCU per image

PDF page2 SCU per page wrapper

PDF embedded image4 SCU per unique image

Minimum1 SCU when content is processed

Mighty superhero explaining SCU usage where text has the smallest cost, image and PDF work cost more, and PDF pages with embedded images create the largest combined usage — **SCU grows with modality and work performed.**PDF page work and unique embedded image work are added together. This costs more than scanning plain extracted text.

SCU By Modality

Work processed	SCU
Text	1 SCU per 1,000 tokens, rounded up.
Standalone image	4 SCU per image.
PDF or document page	2 SCU per page wrapper and text extraction.
Embedded image inside a PDF	4 SCU per unique embedded image, added on top of page SCU and more expensive than text token work.
Minimum processed request	1 SCU when content is scanned.

PDF embedded images are billed separately from page processing. They are deduplicated by hash before counting, so the same logo repeated on many pages should count once.

PDF SCU Formula

For PDFs, calculate SCU like this:

PDF SCU = pages * 2 + unique embedded images * 4

Examples:

PDF shape	SCU
1 page, no embedded images	2 SCU
1 page, 4 unique embedded images	18 SCU: 2 for the page plus 16 for images
1 page, the same image repeated 4 times	6 SCU: 2 for the page plus 4 for 1 unique image
10 pages, same logo on every page	24 SCU: 20 for pages plus 4 for 1 unique image
50 pages, 30 unique embedded images	220 SCU: 100 for pages plus 120 for images

This matches the billing code: document pages and embedded image count are separate usage metrics, then the totals are added together.

Plain version: first count pages, then count unique embedded images, then add both numbers. A one-page PDF with four unique embedded images is 18 SCU, not 2 SCU and not 16 SCU.

What The Response Can Include

{
  "action": "WARN",
  "risk_score": 68,
  "scan_id": "4e7c5fc1-6947-492b-bd22-0589d6477c8b",
  "scan_group_id": "9b3e4f8d-96c9-4f42-8338-8cf9571c1c70",
  "scu_charged": 12
}

Logs and dashboard usage can also show allowance remaining and whether usage was included or overage.

Allowance And Overage

The billing page shows:

Included SCU for the current period.
SCU used this period.
Overage SCU when usage passes the included allowance.
Organization spending limit.
Estimated total.

If billing or tier policy blocks a scan, handle 402. If payload size or file complexity blocks a scan, handle 413. If rate limits block a scan, handle 429.

Limits

Large files need clear product routing.

Free preview4 PDF pages and 1 embedded image per PDF.

Pro1,000 PDF pages and 100 embedded images per PDF.

When exceededHandle 402 tier caps, 413 payload limits, and 429 rate limits.

Use async scans for high-value images and large PDFs so your product can show pending review instead of blocking a user request.

Current PDF tier ceilings:

Tier	PDF pages per request	Embedded images per PDF
Free preview	4	1
Pro	1,000	100

These are per-request ceilings for PDFs. They are separate from rate limits, billing allowance, and organization spending limits.

What Developers Should Do

Show upload size and file type limits before upload.
Use async scans for high-value images and large PDFs.
Route 402 to billing, upgrade, or admin action.
Route 413 to reduce file size, split the PDF, or review manually.
Route 429 to retry with backoff.
Log scu_charged, scan_id, request_id, and scan_group_id.

Common Mistakes

Thinking text and image scans cost the same. Image and document scans use more compute.
Treating 402 as a generic failure. It usually needs a billing or tier action.
Treating 413 as only a file size issue. It can also represent a tier file cap.
Retrying 429 immediately. Use backoff.
Running comprehensive async review on every low-risk text message.

Next step

Ready to scan real traffic?

Create an API key, keep it on your server, then wire Mighty into the workflow that handles untrusted material.

Get an API key Handle errors

AI-Agent Prompt

AI-ready prompt

Add billing-aware Mighty handling

Paste this into Cursor, Codex, Claude Code, or Windsurf.

Make this Mighty integration billing-aware and limit-aware.

Requirements:
- Log scu_charged when returned.
- Store scan_id, request_id, scan_group_id, session_id, action, and risk_score.
- Explain SCU in developer comments or admin UI as Security Compute Units.
- Handle 402 as billing, quota, tier cap, or spending limit action.
- Handle 413 as file size, PDF page cap, embedded image cap, or payload complexity.
- Handle 429 with retry backoff.
- Use async scans for high-value images and large PDFs.
- Do not run comprehensive mode on every low-risk text message.

Acceptance criteria:
- Tests cover successful scan with scu_charged.
- Tests cover 402, 413, and 429.
- Large file workflows can route to manual review or ask the user to split the file.
- Logs expose enough IDs for support and billing investigation.