Can non-owner Members update Assistants

We’ve finally started our plan to build a customer service assistant by feeding it screenshots of our app (I posted about this separately). The process is:

  • Build the Assistant in the OpenAI UI
  • Install LibreChat and point that frontend to the Assistant via API Key

I built a simple Assistant myself for this purpose, and now would like to invite a person to help me build and fine-tune the Assistant. I’m the “Owner”, but every new Member can have only “Member” and “Reader” permissions. Is there a plan to have a role between these two? Basically I’d like someone who I can give access to a specific project, and other than finance/billing (owner type stuff), I’d like them to be able to modify the project.

The only limits are turning off endpoints if giving an API key, or turning off models in the new projects interface - and organization readers can create their own API keys and set the default billing to you and access organization resources.

The only security is disabling the viewing of threads in the organization->project UI. Or turning off models.

It’s really screwy, and you will want to invite a test account and test it across all scenarios that could cause huge data loss (unpreventable) or massive billing (unpreventable). “block models” does nothing to prevent “delete fine-tunings”.

A better solution is “bill us $20 for the API credits you bought, and your deliverables are scripts that will reproduce the solution for our organization”.

1 Like

I see, so right now “Reader” can do what I need it to do - which is most everything. But that means they can delete everything and run up charges.

Your solution would be perfect, except the “helper” is an overseas freelancer without a credit card to set up their own account.

I’m not worried about data loss in the current proof of concept phase that we’re in. I do have an organizational billing monthly limit set, and I assume that’s a fallback safety net - whatever anybody does (unintentionally or otherwise), that hard limit will be restricted. If that’s wrong, please correct me 🙂

Thanks for the quick and super helpful answer.

1 Like

The hard limit seems non-functional. Or at least non-functional to shut off an organization for a good portion of a day.

A hacker can run at your rate limit into the -$1000 territory, past credits you’ve purchased also.

Disabling API keys is under an hour though. But there is no “what’s my balance” API method to allow monitoring.

One should not need to treat your own company members as customers that must go through a proxy to monitor usage and access. That’s pretty much what you need, though, because the new controls within the last few months basically can just prevent a leaked GPT-3.5 key from being used on GPT-4, and not much else.

1 Like
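
Added example, not part of any post in this thread: a sketch of the per-member spending gate that the proxy approach mentioned above would need, so the cap is enforced before a request is forwarded instead of relying on the platform's billing limit. The model names and prices are constructed, `BudgetGate` and its methods are hypothetical names, and the `usage` dictionary is assumed to carry the `prompt_tokens` and `completion_tokens` counts reported in API responses.

```python
import threading

# Constructed USD prices per 1K tokens (input, output); replace with real rates.
PRICES = {"model-small": (0.0005, 0.0015), "model-large": (0.01, 0.03)}

class BudgetExceeded(Exception):
    """Raised when the proxy must refuse to forward a request."""

class BudgetGate:
    def __init__(self, cap_usd):
        self.cap_usd = cap_usd   # hard cap per member, enforced by the proxy
        self.spent = {}          # settled cost per member
        self.held = {}           # worst-case cost of requests still in flight
        self._lock = threading.Lock()

    @staticmethod
    def _cost(model, tokens_in, tokens_out):
        price_in, price_out = PRICES[model]
        return tokens_in / 1000 * price_in + tokens_out / 1000 * price_out

    def reserve(self, member, model, prompt_tokens, max_tokens):
        """Call before forwarding. Holds the worst-case cost so parallel
        requests cannot each pass the check and overshoot the cap together."""
        if model not in PRICES:
            raise BudgetExceeded(f"model {model!r} is not on the allow list")
        worst = self._cost(model, prompt_tokens, max_tokens)
        with self._lock:
            committed = self.spent.get(member, 0.0) + self.held.get(member, 0.0)
            if committed + worst > self.cap_usd:
                raise BudgetExceeded(f"{member} would exceed ${self.cap_usd:.2f}")
            self.held[member] = self.held.get(member, 0.0) + worst
        return worst

    def settle(self, member, model, hold, usage):
        """Call after the upstream reply. Releases the hold and records the
        actual cost computed from the token counts in the response."""
        actual = self._cost(model, usage["prompt_tokens"], usage["completion_tokens"])
        with self._lock:
            self.held[member] = max(0.0, self.held.get(member, 0.0) - hold)
            self.spent[member] = self.spent.get(member, 0.0) + actual
        return actual

    def remaining(self, member):
        with self._lock:
            return self.cap_usd - self.spent.get(member, 0.0) - self.held.get(member, 0.0)
```

The proxy holds the real API key; members authenticate to the proxy and never see the key, so revoking one member does not require rotating it.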

Wow. OK. Well, I’m following some common best practices like safeguarding the API key (not posting to git, for instance - or anywhere), keeping it only on the server, and the helper is a trusted resource.

But still, disappointing to hear that the hard limit isn’t actually one. I guess before we move this to production (if it comes to that, and so far my customer service Assistant hasn’t been great), we’ll need to do a lot more research into that.

Maybe this Monday’s “big announcement” will be that billing will work As Expected. :slight_smile: