MightyDocs
Browse docs

Billing, SCU, And Limits

Understand Security Compute Units, modality billing, included allowance, overage, tier caps, and file limits.

Mighty billing is based on SCU, short for Security Compute Units. SCU measures the amount of security compute used by a scan.

Text is the cheapest path. Image and document work use more compute. SCU starts at $0.001.

Mode controls scan depth and latency. Focus controls the image evidence family and image-unit billing. Focused image evidence starts at 4 SCU per image; all-evidence image review is 10 SCU per image unit.

For PDFs, page work and embedded image work are separate. They are added together. A PDF page with embedded images costs more than scanning plain extracted text, and embedded images use the active focus image-unit price.

Mode And Focus Pricing

SettingBilling rule
SCU priceStarts at $0.001 per SCU.
TextStarts at 1 SCU per 1,000 tokens, rounded up.
focus=steg, focus=ai, focus=editsFocused image evidence starts at 4 SCU per image.
focus=allAll-evidence image review is 10 SCU per image unit.
focus=bothDeprecated alias for focus=all; bills 10 SCU per image unit.
PDFsStart at 2 SCU per page, plus unique embedded image units at the active focus price.
mode=fast, mode=secure, mode=comprehensiveControls scan depth and latency only. There is no separate mode SCU multiplier.

Counts stay physical. One image is one image unit. focus=all applies bundle pricing to that image unit; it does not turn the image count into a fractional value.

Billing

Mode controls depth; focus controls image evidence billing.

Example PDF1 page4 unique embedded images
Page SCU1 x 2 = 2Page wrapper and text extraction
Image SCU4 x 4 = 16Focused scan image units. focus=all would be 4 x 10 = 40.
Total18 SCUFocused total. All-evidence total is 42 SCU.
Embedded images are deduped before billing. focus=all uses 10 SCU per unique image unit; focused scans use 4 SCU.
Text1 SCU per 1,000 tokens
Focused image4 SCU per image for focus=steg, ai, or edits
All-evidence image10 SCU per image unit for focus=all or both
PDF page2 SCU per page wrapper
PDF embedded image4 or 10 SCU per unique image, based on focus
Minimum1 SCU when content is processed
SCU metering cards for Codex text, ChatGPT attachments, GPT-image-2 image evidence, and PDF packets with focused and all-evidence billing rates
SCU pricing uses work units, not marketing modes.Mode changes scan depth and latency. Focus changes the image evidence family and whether the 10 SCU all-evidence bundle applies.

SCU By Modality

Work processedSCU
Text1 SCU per 1,000 tokens, rounded up.
Focused standalone image4 SCU per image for focus=steg, focus=ai, or focus=edits.
All-evidence standalone image10 SCU per image unit for focus=all and deprecated focus=both.
PDF or document page2 SCU per page wrapper and text extraction.
Embedded image inside a PDF4 or 10 SCU per unique embedded image, added on top of page SCU, using the active focus image-unit price.
Minimum processed request1 SCU when content is scanned.

PDF embedded images are billed separately from page processing. They are deduplicated by hash before counting, so the same logo repeated on many pages should count once.

PDF SCU Formula

For PDFs, calculate focused scans like this:

Focused PDF SCU = pages * 2 + unique embedded images * 4

For all-evidence review:

All-evidence PDF SCU = pages * 2 + unique embedded images * 10

Examples:

PDF shapeFocusSCU
1 page, no embedded imagesany supported focus2 SCU
1 page, 4 unique embedded imagesfocused18 SCU: 2 for the page plus 16 for images
1 page, 4 unique embedded imagesall evidence42 SCU: 2 for the page plus 40 for images
1 page, the same image repeated 4 timesfocused6 SCU: 2 for the page plus 4 for 1 unique image
10 pages, same logo on every pageall evidence30 SCU: 20 for pages plus 10 for 1 unique image
50 pages, 30 unique embedded imagesfocused220 SCU: 100 for pages plus 120 for images

This matches the billing code: document pages and embedded image count are separate usage metrics, then the totals are added together.

Plain version: first count pages, then count unique embedded images, then add both numbers. A one-page focused PDF with four unique embedded images is 18 SCU, not 2 SCU and not 16 SCU. The same PDF with focus=all is 42 SCU.

What The Response Can Include

{
  "action": "WARN",
  "risk_score": 68,
  "scan_id": "4e7c5fc1-6947-492b-bd22-0589d6477c8b",
  "scan_group_id": "9b3e4f8d-96c9-4f42-8338-8cf9571c1c70",
  "scu_charged": 12
}

Logs and dashboard usage can also show allowance remaining and whether usage was included or overage.

Allowance And Overage

The billing page shows:

  • Included SCU for the current period.
  • SCU used this period.
  • Overage SCU when usage passes the included allowance.
  • Organization spending limit.
  • Estimated total.

If billing or tier policy blocks a scan, handle 402. If payload size or file complexity blocks a scan, handle 413. If rate limits block a scan, handle 429.

Limits

Limits

Large files need clear product routing.

Free preview4 PDF pages and 1 embedded image per PDF.
Pro1,000 PDF pages and 100 embedded images per PDF.
When exceededHandle 402 tier caps, 413 payload limits, and 429 rate limits.
Use async scans for high-value images and large PDFs so your product can show pending review instead of blocking a user request.

Current PDF tier ceilings:

TierPDF pages per requestEmbedded images per PDF
Free preview41
Pro1,000100

These are per-request ceilings for PDFs. They are separate from rate limits, billing allowance, and organization spending limits.

What Developers Should Do

  1. Show upload size and file type limits before upload.
  2. Use async scans for high-value images and large PDFs.
  3. Route 402 to billing, upgrade, or admin action.
  4. Route 413 to reduce file size, split the PDF, or review manually.
  5. Route 429 to retry with backoff.
  6. Log scu_charged, scan_id, request_id, and scan_group_id.

Common Mistakes

  • Thinking text and image scans cost the same. Image and document scans use more compute.
  • Missing that focus=all and deprecated focus=both bill 10 SCU per image unit.
  • Treating 402 as a generic failure. It usually needs a billing or tier action.
  • Treating 413 as only a file size issue. It can also represent a tier file cap.
  • Retrying 429 immediately. Use backoff.
  • Running comprehensive async review on every low-risk text message.

For plain-language definitions of mode, focus, AI edits, steganography, and prompt injection, see the glossary.

Next step

Ready to scan real traffic?

Create an API key, keep it on your server, then wire Mighty into the workflow that handles untrusted material.

Get an API keyHandle errors

AI-Agent Prompt

AI-ready prompt
Add billing-aware Mighty handling

Paste this into Cursor, Codex, Claude Code, or Windsurf.

Make this Mighty integration billing-aware and limit-aware.

Requirements:
- Log scu_charged when returned.
- Store scan_id, request_id, scan_group_id, session_id, action, and risk_score.
- Explain SCU in developer comments or admin UI as Security Compute Units.
- Handle 402 as billing, quota, tier cap, or spending limit action.
- Handle 413 as file size, PDF page cap, embedded image cap, or payload complexity.
- Handle 429 with retry backoff.
- Use async scans for high-value images and large PDFs.
- Do not run comprehensive mode on every low-risk text message.

Acceptance criteria:
- Tests cover successful scan with scu_charged.
- Tests cover 402, 413, and 429.
- Large file workflows can route to manual review or ask the user to split the file.
- Logs expose enough IDs for support and billing investigation.