npm - @qubiit/lmagent - Versions diffs - 2.5.0 - Mend

@qubiit/lmagent 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (155) hide show

package/.editorconfig +18 -0
package/AGENTS.md +169 -0
package/CLAUDE.md +122 -0
package/CONTRIBUTING.md +90 -0
package/LICENSE +21 -0
package/README.md +195 -0
package/config/commands.yaml +194 -0
package/config/levels.yaml +135 -0
package/config/models.yaml +192 -0
package/config/settings.yaml +405 -0
package/config/tools-extended.yaml +534 -0
package/config/tools.yaml +437 -0
package/docs/assets/logo.png +0 -0
package/docs/commands.md +132 -0
package/docs/customization-guide.md +445 -0
package/docs/getting-started.md +154 -0
package/docs/how-to-start.md +242 -0
package/docs/navigation-index.md +227 -0
package/docs/usage-guide.md +113 -0
package/install.js +1044 -0
package/package.json +35 -0
package/pyproject.toml +182 -0
package/rules/_bootstrap.md +138 -0
package/rules/agents-ia.md +607 -0
package/rules/api-design.md +337 -0
package/rules/automations-n8n.md +646 -0
package/rules/code-style.md +570 -0
package/rules/documentation.md +98 -0
package/rules/security.md +316 -0
package/rules/stack.md +395 -0
package/rules/testing.md +326 -0
package/rules/workflow.md +353 -0
package/scripts/create_skill.js +300 -0
package/scripts/validate_skills.js +283 -0
package/skills/ai-agent-engineer/SKILL.md +394 -0
package/skills/ai-agent-engineer/references/agent-patterns.md +149 -0
package/skills/api-designer/SKILL.md +429 -0
package/skills/api-designer/references/api-standards.md +13 -0
package/skills/architect/SKILL.md +285 -0
package/skills/architect/references/c4-model.md +133 -0
package/skills/automation-engineer/SKILL.md +352 -0
package/skills/automation-engineer/references/n8n-patterns.md +127 -0
package/skills/backend-engineer/SKILL.md +261 -0
package/skills/backend-engineer/assets/fastapi-project-structure.yaml +74 -0
package/skills/backend-engineer/references/debugging-guide.md +174 -0
package/skills/backend-engineer/references/design-patterns.md +208 -0
package/skills/backend-engineer/scripts/scaffold_backend.py +313 -0
package/skills/bmad-methodology/SKILL.md +202 -0
package/skills/bmad-methodology/references/scale-adaptive-levels.md +141 -0
package/skills/browser-agent/SKILL.md +502 -0
package/skills/browser-agent/scripts/playwright_setup.ts +16 -0
package/skills/code-reviewer/SKILL.md +306 -0
package/skills/code-reviewer/references/code-review-checklist.md +16 -0
package/skills/data-engineer/SKILL.md +474 -0
package/skills/data-engineer/assets/pg-monitoring-queries.sql +154 -0
package/skills/data-engineer/references/index-strategy.md +128 -0
package/skills/data-engineer/scripts/backup_postgres.py +221 -0
package/skills/devops-engineer/SKILL.md +547 -0
package/skills/devops-engineer/references/ci-cd-patterns.md +265 -0
package/skills/devops-engineer/scripts/docker_healthcheck.py +125 -0
package/skills/document-generator/SKILL.md +746 -0
package/skills/document-generator/references/pdf-generation.md +22 -0
package/skills/frontend-engineer/SKILL.md +532 -0
package/skills/frontend-engineer/references/accessibility-guide.md +146 -0
package/skills/frontend-engineer/scripts/audit_bundle.py +144 -0
package/skills/git-workflow/SKILL.md +374 -0
package/skills/git-workflow/references/git-flow.md +25 -0
package/skills/mcp-builder/SKILL.md +471 -0
package/skills/mcp-builder/references/mcp-server-guide.md +23 -0
package/skills/mobile-engineer/SKILL.md +502 -0
package/skills/mobile-engineer/references/platform-guidelines.md +160 -0
package/skills/orchestrator/SKILL.md +246 -0
package/skills/orchestrator/references/methodology-routing.md +117 -0
package/skills/orchestrator/references/persona-mapping.md +85 -0
package/skills/orchestrator/references/routing-logic.md +110 -0
package/skills/performance-engineer/SKILL.md +549 -0
package/skills/performance-engineer/references/caching-patterns.md +181 -0
package/skills/performance-engineer/scripts/profile_endpoint.py +170 -0
package/skills/product-manager/SKILL.md +488 -0
package/skills/product-manager/references/prioritization-frameworks.md +126 -0
package/skills/prompt-engineer/SKILL.md +433 -0
package/skills/prompt-engineer/references/prompt-patterns.md +158 -0
package/skills/qa-engineer/SKILL.md +441 -0
package/skills/qa-engineer/references/testing-strategy.md +166 -0
package/skills/qa-engineer/scripts/run_coverage.py +147 -0
package/skills/scrum-master/SKILL.md +225 -0
package/skills/scrum-master/references/sprint-ceremonies.md +159 -0
package/skills/security-analyst/SKILL.md +390 -0
package/skills/security-analyst/references/owasp-top10.md +188 -0
package/skills/security-analyst/scripts/audit_security.py +242 -0
package/skills/seo-auditor/SKILL.md +523 -0
package/skills/seo-auditor/references/seo-checklist.md +17 -0
package/skills/spec-driven-dev/SKILL.md +342 -0
package/skills/spec-driven-dev/references/phase-gates.md +107 -0
package/skills/supabase-expert/SKILL.md +602 -0
package/skills/supabase-expert/references/supabase-patterns.md +19 -0
package/skills/swe-agent/SKILL.md +311 -0
package/skills/swe-agent/references/trajectory-format.md +134 -0
package/skills/systematic-debugger/SKILL.md +512 -0
package/skills/systematic-debugger/references/debugging-guide.md +12 -0
package/skills/tech-lead/SKILL.md +409 -0
package/skills/tech-lead/references/code-review-checklist.md +111 -0
package/skills/technical-writer/SKILL.md +631 -0
package/skills/technical-writer/references/doc-templates.md +218 -0
package/skills/testing-strategist/SKILL.md +476 -0
package/skills/testing-strategist/references/testing-pyramid.md +16 -0
package/skills/ux-ui-designer/SKILL.md +419 -0
package/skills/ux-ui-designer/references/design-system-foundation.md +168 -0
package/skills_overview.txt +94 -0
package/templates/PROJECT_KICKOFF.md +284 -0
package/templates/SKILL_TEMPLATE.md +131 -0
package/templates/USAGE.md +95 -0
package/templates/agent-python/README.md +71 -0
package/templates/agent-python/agent.py +272 -0
package/templates/agent-python/config.yaml +76 -0
package/templates/agent-python/prompts/system.md +109 -0
package/templates/agent-python/requirements.txt +7 -0
package/templates/automation-n8n/README.md +14 -0
package/templates/automation-n8n/webhook-handler.json +57 -0
package/templates/backend-node/Dockerfile +12 -0
package/templates/backend-node/README.md +15 -0
package/templates/backend-node/package.json +30 -0
package/templates/backend-node/src/index.ts +19 -0
package/templates/backend-node/src/routes.ts +7 -0
package/templates/backend-node/tsconfig.json +22 -0
package/templates/backend-python/Dockerfile +11 -0
package/templates/backend-python/README.md +78 -0
package/templates/backend-python/app/core/config.py +12 -0
package/templates/backend-python/app/core/database.py +12 -0
package/templates/backend-python/app/main.py +17 -0
package/templates/backend-python/app/routers/__init__.py +1 -0
package/templates/backend-python/app/routers/health.py +7 -0
package/templates/backend-python/requirements-dev.txt +6 -0
package/templates/backend-python/requirements.txt +4 -0
package/templates/backend-python/tests/test_health.py +9 -0
package/templates/checkpoint.yaml +117 -0
package/templates/database/README.md +474 -0
package/templates/frontend-react/README.md +446 -0
package/templates/plan.yaml +320 -0
package/templates/session.yaml +125 -0
package/templates/spec.yaml +229 -0
package/templates/tasks.yaml +330 -0
package/workflows/bugfix-backend.md +380 -0
package/workflows/documentation.md +232 -0
package/workflows/generate-prd.md +320 -0
package/workflows/ideation.md +396 -0
package/workflows/new-agent-ia.md +497 -0
package/workflows/new-automation.md +374 -0
package/workflows/new-feature.md +290 -0
package/workflows/optimize-performance.md +373 -0
package/workflows/resolve-github-issue.md +524 -0
package/workflows/security-review.md +291 -0
package/workflows/spec-driven.md +476 -0
package/workflows/testing-strategy.md +296 -0
package/workflows/third-party-integration.md +277 -0

package/rules/agents-ia.md ADDED Viewed

@@ -0,0 +1,607 @@
+# Reglas para Agentes de IA - LMAgent
+> **Tipo**: `rule` | **Versión**: 2.1 | **Actualización**: 2026-01
+## 📌 Quick Reference
+| Principio | Regla |
+|-----------|-------|
+| **Tool-first** | El LLM decide, las tools ejecutan. NUNCA ejecutar código directo del LLM. |
+| **Stateless** | Agentes sin estado en memoria. Usar Redis para persistencia. |
+| **Observable** | Logging de TODAS las interacciones LLM + Cost Tracking obligatorio. |
+| **MCP Standard** | Usar Model Context Protocol (MCP) para definir herramientas. |
+| **Guardrails** | Timeout, rate limit y validación de outputs OBLIGATORIOS. |
+### 👥 Roles que usan esta regla
+`ai-agent-engineer`, `prompt-engineer`, `backend-engineer`, `architect`
+---
+Este documento define las reglas y mejores prácticas para el desarrollo de agentes de IA.
+## Principios Fundamentales
+### 1. Separación de Responsabilidades
+```
+┌─────────────────────────────────────────────────────────────┐
+│  AGENTE = Orquestador de Herramientas                       │
+│                                                             │
+│  ┌─────────────┐                                            │
+│  │    LLM      │ ← Razonamiento y decisiones                │
+│  └──────┬──────┘                                            │
+│         │                                                   │
+│         ▼                                                   │
+│  ┌─────────────┐                                            │
+│  │   Tools     │ ← Acciones concretas                       │
+│  └──────┬──────┘                                            │
+│         │                                                   │
+│         ▼                                                   │
+│  ┌─────────────┐                                            │
+│  │   State     │ ← Memoria y contexto (Redis)               │
+│  └─────────────┘                                            │
+└─────────────────────────────────────────────────────────────┘
+```
+### 2. Stateless Agents
+- Los agentes NO deben almacenar estado en memoria
+- Usar Redis para estado entre invocaciones
+- Cada llamada debe ser autocontenida
+### 3. Observable Everything
+- Logging de todas las interacciones con LLM
+- Tracking de costos por sesión
+- Métricas de latencia y errores
+---
+## Estructura de Agentes
+### Directorio
+```
+agents/
+├── config/
+│   ├── agents.yaml        # Definición de agentes
+│   ├── tools.yaml         # Registry de herramientas
+│   └── models.yaml        # Configuración de LLMs
+├── python/
+│   ├── __init__.py
+│   ├── base_agent.py      # Clase base
+│   ├── agent_runner.py    # Ejecutor
+│   ├── tools/             # Herramientas
+│   │   ├── __init__.py
+│   │   ├── registry.py    # Registry de tools
+│   │   ├── base_tool.py   # Interface base
+│   │   ├── http_tool.py
+│   │   ├── database_tool.py
+│   │   └── ...
+│   ├── prompts/           # Templates de prompts
+│   │   ├── system/
+│   │   └── personas/
+│   └── llm/               # Providers
+│       ├── base_provider.py
+│       ├── openai_provider.py
+│       └── ...
+└── README.md
+```
+---
+## Diseño de Herramientas
+### Interface Base
+```python
+from abc import ABC, abstractmethod
+from pydantic import BaseModel, Field
+from typing import Any, Dict
+class ToolResult(BaseModel):
+    """Resultado estándar de una herramienta."""
+    success: bool
+    data: Any = None
+    error: str | None = None
+    metadata: Dict[str, Any] = {}
+class BaseTool(BaseModel, ABC):
+    """Interface base para todas las herramientas."""
+    name: str
+    description: str
+    @abstractmethod
+    async def execute(self, **kwargs) -> ToolResult:
+        """Ejecuta la herramienta."""
+        pass
+    def to_function_schema(self) -> Dict:
+        """Genera schema para function calling de OpenAI/Anthropic."""
+        pass
+```
+### Reglas de Diseño de Tools
+✅ **Hacer:**
+- Una herramienta = una responsabilidad
+- Parámetros opcionales con defaults sensatos
+- Retornar siempre `ToolResult` consistente
+- Incluir descripción clara para el LLM
+- Logging de todas las ejecuciones
+- Timeouts explícitos
+❌ **No hacer:**
+- Tools que hacen múltiples cosas
+- Parámetros sin tipos o descripciones
+- Excepciones no manejadas
+- Llamadas externas sin timeout
+- Logs con datos sensibles
+### Ejemplo de Tool Bien Diseñada
+```python
+from lmagent.tools.base import BaseTool, ToolResult
+from pydantic import Field
+from typing import Optional
+import httpx
+import structlog
+logger = structlog.get_logger()
+class HttpRequestTool(BaseTool):
+    """
+    Realiza requests HTTP a APIs externas.
+    Usa esta herramienta cuando necesites:
+    - Obtener datos de una API externa
+    - Enviar datos a un webhook
+    - Verificar disponibilidad de un servicio
+    NO uses para:
+    - Acceso a base de datos (usa database_query)
+    - Operaciones en Redis (usa redis_cache)
+    """
+    name: str = "http_request"
+    description: str = "Make HTTP requests to external APIs"
+    async def execute(
+        self,
+        url: str = Field(..., description="Full URL to request"),
+        method: str = Field("GET", description="HTTP method"),
+        headers: Optional[dict] = Field(None, description="Request headers"),
+        body: Optional[dict] = Field(None, description="Request body for POST/PUT"),
+        timeout: int = Field(30, description="Timeout in seconds")
+    ) -> ToolResult:
+        """Ejecuta request HTTP."""
+        logger.info(
+            "http_request_start",
+            url=url,
+            method=method
+        )
+        try:
+            async with httpx.AsyncClient(timeout=timeout) as client:
+                response = await client.request(
+                    method=method,
+                    url=url,
+                    headers=headers,
+                    json=body
+                )
+                logger.info(
+                    "http_request_complete",
+                    url=url,
+                    status_code=response.status_code
+                )
+                return ToolResult(
+                    success=response.is_success,
+                    data={
+                        "status_code": response.status_code,
+                        "body": response.json() if response.headers.get("content-type", "").startswith("application/json") else response.text,
+                        "headers": dict(response.headers)
+                    },
+                    metadata={
+                        "elapsed_ms": response.elapsed.total_seconds() * 1000
+                    }
+                )
+        except httpx.TimeoutException:
+            logger.warning("http_request_timeout", url=url, timeout=timeout)
+            return ToolResult(
+                success=False,
+                error=f"Request timed out after {timeout}s",
+                metadata={"suggestion": "Try increasing timeout or check if service is available"}
+            )
+        except Exception as e:
+            logger.error("http_request_error", url=url, error=str(e))
+            return ToolResult(
+                success=False,
+                error=str(e)
+            )
+```
+---
+## Diseño de Prompts
+### System Prompt Template
+```markdown
+You are {agent_name}, an AI assistant specialized in {domain}.
+## Your Role
+{role_description}
+## Available Tools
+You have access to the following tools:
+{tools_list}
+When using tools, always:
+1. Think about which tool is most appropriate
+2. Provide all required parameters
+3. Handle errors gracefully
+## Response Guidelines
+- Be concise and direct
+- Use structured formats when appropriate
+- Cite sources when using external data
+- Admit when you don't know something
+## Constraints
+- Maximum {max_tokens} tokens per response
+- Do not make up information
+- Do not access tools outside your allowed set
+```
+### Mejores Prácticas de Prompts
+1. **Sea específico**: Evitar instrucciones vagas
+   ```
+   ❌ "Ayuda al usuario"
+   ✅ "Ayuda al usuario a encontrar información sobre productos.
+       Si no encuentras el producto, sugiere alternativas similares."
+   ```
+2. **Dé ejemplos (Few-shot)**:
+   ```
+   ## Examples
+   User: "Find product with SKU ABC123"
+   Assistant: I'll search for that product.
+   [Uses: search_product(sku="ABC123")]
+   Result: Found "Widget Pro" priced at $99.99
+   User: "What's the status of order 789?"
+   Assistant: Let me check that order.
+   [Uses: get_order(order_id="789")]
+   Result: Order is "shipped", tracking: XYZ...
+   ```
+3. **Estructure el output**:
+   ```
+   ## Output Format
+   Always respond in this JSON format:
+   {
+     "thinking": "Your reasoning process",
+     "action": "Tool name or 'respond'",
+     "action_input": {...} or null,
+     "response": "Final response to user" or null
+   }
+   ```
+4. **Defina límites claros**:
+   ```
+   ## You CANNOT:
+   - Access production databases directly
+   - Send emails without user confirmation
+   - Make purchases or financial transactions
+   - Access files outside the project directory
+   ```
+---
+## Manejo de Errores
+### Estrategia de Reintentos
+```python
+from tenacity import retry, stop_after_attempt, wait_exponential
+class AgentRunner:
+    @retry(
+        stop=stop_after_attempt(3),
+        wait=wait_exponential(multiplier=1, min=1, max=10)
+    )
+    async def call_llm(self, messages: list) -> LLMResponse:
+        """Llama al LLM con reintentos automáticos."""
+        return await self.llm_provider.complete(messages)
+```
+### Fallback de Modelos
+```python
+async def get_completion(self, messages: list) -> str:
+    """Intenta con modelo principal, fallback a secundario."""
+    try:
+        return await self.primary_model.complete(messages)
+    except RateLimitError:
+        logger.warning("primary_model_rate_limited, using fallback")
+        return await self.fallback_model.complete(messages)
+    except Exception as e:
+        logger.error("llm_error", error=str(e))
+        raise
+```
+### Errores del Agente
+```python
+class AgentError(Exception):
+    """Error base de agentes."""
+    pass
+class ToolExecutionError(AgentError):
+    """Error ejecutando herramienta."""
+    def __init__(self, tool_name: str, error: str):
+        self.tool_name = tool_name
+        super().__init__(f"Tool '{tool_name}' failed: {error}")
+class CostLimitExceeded(AgentError):
+    """Se excedió el límite de costo."""
+    def __init__(self, current_cost: float, limit: float):
+        self.current_cost = current_cost
+        self.limit = limit
+        super().__init__(f"Cost ${current_cost:.2f} exceeded limit ${limit:.2f}")
+class MaxIterationsExceeded(AgentError):
+    """Se excedió el número máximo de iteraciones."""
+    pass
+```
+---
+## Observabilidad
+### Logging Estructurado
+```python
+import structlog
+logger = structlog.get_logger()
+class Agent:
+    async def run(self, user_input: str) -> str:
+        run_id = generate_run_id()
+        logger.info(
+            "agent_run_start",
+            run_id=run_id,
+            agent_name=self.name,
+            input_length=len(user_input)
+        )
+        try:
+            result = await self._execute(user_input)
+            logger.info(
+                "agent_run_complete",
+                run_id=run_id,
+                iterations=self.iteration_count,
+                total_cost=self.cost_tracker.total,
+                output_length=len(result)
+            )
+            return result
+        except Exception as e:
+            logger.error(
+                "agent_run_error",
+                run_id=run_id,
+                error=str(e),
+                error_type=type(e).__name__
+            )
+            raise
+```
+### Trajectory Logging
+```python
+class TrajectoryLogger:
+    """Registra el historial completo de una ejecución."""
+    def __init__(self, run_id: str):
+        self.run_id = run_id
+        self.steps: list[TrajectoryStep] = []
+    def log_step(
+        self,
+        step_num: int,
+        thought: str,
+        action: str,
+        action_input: dict,
+        observation: str
+    ):
+        step = TrajectoryStep(
+            step=step_num,
+            timestamp=datetime.utcnow(),
+            thought=thought,
+            action=action,
+            action_input=action_input,
+            observation=observation
+        )
+        self.steps.append(step)
+        # Log visual para debugging
+        print(f"🤠 INFO STEP {step_num}")
+        print(f"💭 THOUGHT: {thought}")
+        print(f"🎬 ACTION: {action}")
+        print(f"📤 OBSERVATION: {observation[:200]}...")
+    def save(self, path: str):
+        """Guarda trajectory para análisis posterior."""
+        with open(path, 'w') as f:
+            json.dump([s.model_dump() for s in self.steps], f, indent=2)
+```
+### Cost Tracking
+```python
+class CostTracker:
+    """Monitorea costos de API por sesión."""
+    def __init__(self, max_cost: float = 2.00):
+        self.max_cost = max_cost
+        self.total = 0.0
+        self.calls: list[CostEntry] = []
+    def track(
+        self,
+        model: str,
+        input_tokens: int,
+        output_tokens: int
+    ) -> float:
+        """Registra y valida costo de llamada."""
+        cost = self._calculate_cost(model, input_tokens, output_tokens)
+        self.calls.append(CostEntry(
+            model=model,
+            input_tokens=input_tokens,
+            output_tokens=output_tokens,
+            cost=cost,
+            timestamp=datetime.utcnow()
+        ))
+        self.total += cost
+        if self.total >= self.max_cost:
+            raise CostLimitExceeded(self.total, self.max_cost)
+        return cost
+    def _calculate_cost(
+        self,
+        model: str,
+        input_tokens: int,
+        output_tokens: int
+    ) -> float:
+        """Calcula costo según modelo."""
+        # Ver config/models.yaml para precios
+        prices = PRICING.get(model, {"input": 0.01, "output": 0.03})
+        return (
+            (input_tokens / 1000) * prices["input"] +
+            (output_tokens / 1000) * prices["output"]
+        )
+```
+---
+## Seguridad
+### Guardrails Obligatorios
+1. **Validar outputs de LLM** antes de ejecutar
+2. **Limitar herramientas** a las necesarias
+3. **Rate limiting** por usuario/sesión
+4. **Sanitizar inputs** del usuario
+5. **No exponer** API keys en logs
+### Sandbox para Ejecución de Código
+```python
+class SandboxTool(BaseTool):
+    """Ejecuta código en ambiente aislado."""
+    name: str = "sandbox_execute"
+    description: str = "Execute code in isolated Docker container"
+    # Límites de seguridad
+    MAX_MEMORY = "256m"
+    MAX_CPU = "0.5"
+    MAX_TIMEOUT = 300
+    NETWORK = "none"  # Sin acceso a red
+    async def execute(
+        self,
+        code: str,
+        language: str = "python",
+        timeout: int = 30
+    ) -> ToolResult:
+        # Sanitizar código
+        if self._is_dangerous(code):
+            return ToolResult(
+                success=False,
+                error="Code contains potentially dangerous operations"
+            )
+        # Ejecutar en container
+        result = await self._run_in_docker(
+            code=code,
+            language=language,
+            timeout=min(timeout, self.MAX_TIMEOUT)
+        )
+        return result
+```
+---
+## Integración con n8n
+Los agentes deben exponerse como endpoints HTTP para que n8n pueda invocarlos:
+```python
+from fastapi import APIRouter
+from pydantic import BaseModel
+router = APIRouter(prefix="/agents", tags=["agents"])
+class AgentRequest(BaseModel):
+    agent_name: str
+    input: str
+    context: dict = {}
+    max_cost: float = 2.00
+class AgentResponse(BaseModel):
+    success: bool
+    output: str
+    cost: float
+    iterations: int
+    trajectory_id: str | None = None
+@router.post("/run", response_model=AgentResponse)
+async def run_agent(request: AgentRequest) -> AgentResponse:
+    """
+    Ejecuta un agente con el input dado.
+    Diseñado para ser llamado desde n8n via HTTP Request node.
+    """
+    agent = await load_agent(request.agent_name)
+    agent.cost_tracker.max_cost = request.max_cost
+    result = await agent.run(request.input, context=request.context)
+    return AgentResponse(
+        success=True,
+        output=result,
+        cost=agent.cost_tracker.total,
+        iterations=agent.iteration_count,
+        trajectory_id=agent.trajectory_logger.run_id
+    )
+```
+---
+## ✅ Checklist de Validación (Antes de Deploy)
+### Diseño del Agente
+- [ ] Arquitectura elegida y documentada (ReAct, Tool-only, etc.)
+- [ ] Tools definidas con schemas MCP/Pydantic estrictos
+- [ ] System Prompt aprobado por /prompt engineer
+### Seguridad (Guardrails)
+- [ ] Timeout configurado en TODAS las tools
+- [ ] Rate limit por usuario/sesión
+- [ ] Cost limit configurado (default: $2.00)
+- [ ] Outputs del LLM validados antes de ejecutar
+- [ ] Sin API keys en logs
+### Observabilidad
+- [ ] Logging estructurado con structlog
+- [ ] Trajectory logging habilitado
+- [ ] Cost tracking implementado
+- [ ] Métricas de latencia expuestas
+### Integración
+- [ ] Endpoint HTTP para n8n creado
+- [ ] Documentación de API generada
+- [ ] Tests de evals pasando (Faithfulness > 0.7)