[BUG] API Has No Rate Limiting

### Project

vgrep

### Description

The vgrep server API has no rate limiting. Combined with the CORS issue (allows any origin), this means:
- Any client can make unlimited requests
- DoS attacks are trivial
- Embedding generation is CPU-intensive and can be abused
- Memory exhaustion possible via embed_batch


### Error Message

```shell
None - missing security feature.
```

### Debug Logs

```shell

```

### System Information

```shell
- Bounty Version: 0.1.0
- OS: Ubuntu 24.04 LTS
- Rust: 1.75+
```

### Screenshots

_No response_

### Steps to Reproduce

```bash
# Start server
vgrep serve

# Flood with requests (will consume all CPU)
for i in {1..1000}; do
  curl -X POST http://127.0.0.1:7777/embed \
    -H "Content-Type: application/json" \
    -d '{"text": "very long text..."}' &
done
```

### Expected Behavior

1. Rate limit requests per IP/client
2. Limit concurrent requests
3. Limit request size/complexity
4. Return 429 Too Many Requests when exceeded

### Actual Behavior

1. No rate limiting
2. Unlimited concurrent requests
3. CPU/memory can be exhausted
4. Server becomes unresponsive

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG] API Has No Rate Limiting #219

Project

Description

Error Message

Debug Logs

System Information

Screenshots

Steps to Reproduce

Expected Behavior

Actual Behavior

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[BUG] API Has No Rate Limiting #219

Description

Project

Description

Error Message

Debug Logs

System Information

Screenshots

Steps to Reproduce

Expected Behavior

Actual Behavior

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions