Dec 2025
tRPC, Security, E2B, Sandbox

tRPC Security & E2B Sandboxing

Securing a tRPC API that powers AI agents requires thinking about both traditional attack vectors and LLM-specific ones. We added request size limits and zip-bomb protection to prevent resource exhaustion. For untrusted code execution (e.g. user-defined tools), we moved to E2B sandboxes so each run is isolated.

Combined with Redis-backed cursor pagination for MCP tool results, our client agents could focus on the right slice of data instead of drowning in context. The result was a 90% improvement in agent accuracy on real workloads.
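A sketch of the request size limits and zip-bomb protection mentioned above, as an added example rather than code from this project. The helper name `decodeBody`, both limit values and the sample inputs are assumptions; the only library call is Node's `zlib.gunzipSync` with its `maxOutputLength` option.

```typescript
import * as zlib from "node:zlib";

// Assumed limits; tune them to the largest legitimate procedure input.
const MAX_WIRE_BYTES = 256 * 1024;      // bytes accepted off the socket
const MAX_DECODED_BYTES = 1024 * 1024;  // bytes allowed after inflation

type BodyResult =
  | { ok: true; body: Buffer }
  | { ok: false; status: 400 | 413 | 415; reason: string };

// Hypothetical helper: run it on the raw request body before JSON parsing.
function decodeBody(raw: Buffer, contentEncoding?: string): BodyResult {
  // 1. Cap what is accepted on the wire, compressed or not.
  if (raw.length > MAX_WIRE_BYTES) {
    return { ok: false, status: 413, reason: "wire size limit exceeded" };
  }
  const encoding = (contentEncoding ?? "identity").trim().toLowerCase();
  if (encoding === "identity") return { ok: true, body: raw };
  // 2. Allow exactly one known encoding. Stacked values such as "gzip, gzip"
  //    multiply the expansion factor, so they are refused outright.
  if (encoding !== "gzip") {
    return { ok: false, status: 415, reason: `unsupported encoding: ${encoding}` };
  }
  try {
    // 3. maxOutputLength makes zlib abort once output passes the cap, instead
    //    of inflating the whole payload and measuring it afterwards.
    const body = zlib.gunzipSync(raw, { maxOutputLength: MAX_DECODED_BYTES });
    return { ok: true, body };
  } catch (err) {
    const code = (err as { code?: string }).code;
    if (code === "ERR_BUFFER_TOO_LARGE") {
      return { ok: false, status: 413, reason: "decoded size limit exceeded" };
    }
    return { ok: false, status: 400, reason: "malformed gzip body" };
  }
}

// Constructed sample inputs: a small JSON call and 8 MiB of zeros, gzipped.
const sampleCall = zlib.gzipSync(Buffer.from('{"tool":"search","cursor":null}'));
const sampleBomb = zlib.gzipSync(Buffer.alloc(8 * 1024 * 1024));
for (const [name, buf] of [["call", sampleCall], ["bomb", sampleBomb]] as const) {
  const r = decodeBody(buf, "gzip");
  console.log(name, buf.length, "bytes on wire ->", r.ok ? "accepted" : `${r.status} ${r.reason}`);
}
```

The second sample passes the wire-size check because it is only a few kilobytes compressed, which is why the decoded-size cap has to be enforced separately.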