v2.0.0: Buddy security hardening + production architecture docs

Security fixes:
- CORS: Replace wildcard * with configurable ALLOWED_ORIGINS
- Rate limiting: Built-in IP-based rate limiter (30 req/min default)
- Error sanitization: Generic client errors, full server-side logging
- Input validation: GAQL period whitelisting, path traversal checks
- Write safety: CEP Protocol for all mutations

New files:
- LICENSE (MIT)
- SECURITY.md — vulnerability reporting + security practices
- CONTRIBUTING.md — contributor guide with priority areas
- CHANGELOG.md — version history
- .env.example — credential template with placeholders
- .gitignore — comprehensive Python project ignores
- pyproject.toml — modern Python packaging
- setup.py — PyPI-compatible package setup
- docs/BUDDY_ARCHITECTURE.md — Cloudflare production system reference

Installable via: pip install google-ads-agent

Made-with: Cursor

Author: John Williams

.env.example

@@ -0,0 +1,38 @@
+# ============================================================================
+# Google Ads API Agent — Environment Variables
+# ============================================================================
+# Copy to .env and fill in your values:  cp .env.example .env
+# NEVER commit .env to git.
+# ============================================================================
+
+# ── Required: Anthropic API ────────────────────────────────────────────────
+# https://console.anthropic.com → Settings → API Keys
+ANTHROPIC_API_KEY=sk-ant-api03-YOUR_KEY_HERE
+
+# ── Required: Google Ads API ───────────────────────────────────────────────
+# Step 1A in README
+GOOGLE_ADS_DEVELOPER_TOKEN=YOUR_DEVELOPER_TOKEN_HERE
+GOOGLE_ADS_CLIENT_ID=YOUR_CLIENT_ID.apps.googleusercontent.com
+GOOGLE_ADS_CLIENT_SECRET=GOCSPX-YOUR_CLIENT_SECRET_HERE
+GOOGLE_ADS_REFRESH_TOKEN=1//YOUR_REFRESH_TOKEN_HERE
+GOOGLE_ADS_LOGIN_CUSTOMER_ID=1234567890
+
+# ── Optional: Cloudinary (Creative Tools) ──────────────────────────────────
+# https://cloudinary.com → Dashboard
+# CLOUDINARY_CLOUD_NAME=your-cloud-name
+# CLOUDINARY_API_KEY=123456789012345
+# CLOUDINARY_API_SECRET=your-api-secret
+
+# ── Optional: SearchAPI.io (Research) ──────────────────────────────────────
+# https://www.searchapi.io → Dashboard
+# SEARCHAPI_API_KEY=your-searchapi-key
+
+# ── Optional: Google AI / Gemini ───────────────────────────────────────────
+# https://aistudio.google.com → Get API Key
+# GOOGLE_AI_API_KEY=AIzaSy-YOUR_KEY_HERE
+
+# ── Optional: Server Configuration ─────────────────────────────────────────
+# Comma-separated list of allowed CORS origins
+# ALLOWED_ORIGINS=http://localhost:3000,https://yourdomain.com
+# Rate limit: max requests per minute per IP
+# RATE_LIMIT_MAX=30

.gitignore

@@ -0,0 +1,41 @@
+# Environment & secrets
+.env
+.env.*
+!.env.example
+
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+*.egg-info/
+dist/
+build/
+*.egg
+.eggs/
+
+# Virtual environments
+venv/
+.venv/
+env/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Distribution
+*.tar.gz
+*.whl
+
+# Secrets — never commit these
+*.key
+*.pem
+secrets*
+credentials*

CHANGELOG.md

@@ -0,0 +1,45 @@
+# Changelog
+
+## v2.0.0 — 2026-03-05 (Buddy Security Hardening Release)
+
+### Security Fixes
+- **CORS hardening**: Server no longer uses wildcard `*` origins. Defaults to localhost; configure via `ALLOWED_ORIGINS` env var
+- **Rate limiting**: Built-in IP-based rate limiter (30 req/min default, configurable via `RATE_LIMIT_MAX`)
+- **Error message sanitization**: Server returns generic errors to clients, logs full details internally
+- **Input validation**: GAQL period values whitelisted to prevent injection
+- **Write safety protocol**: All mutations require explicit user confirmation (CEP Protocol)
+
+### New Files
+- `LICENSE` — MIT license (previously missing)
+- `SECURITY.md` — Security policy, vulnerability reporting, best practices
+- `CONTRIBUTING.md` — Contributor guide with priority areas and code style
+- `.env.example` — Environment variable template with placeholders
+- `.gitignore` — Comprehensive ignore rules for Python projects
+- `pyproject.toml` — Modern Python packaging configuration
+- `setup.py` — PyPI-compatible package setup
+- `CHANGELOG.md` — This file
+- `docs/BUDDY_ARCHITECTURE.md` — Cloudflare Buddy agent architecture reference
+
+### Improvements
+- Updated `deploy/server.py` with security middleware
+- Added `ALLOWED_ORIGINS` environment variable support
+- Added rate limiting middleware
+- Package now installable via `pip install google-ads-agent`
+- CLI entry point: `gads-agent` command
+- Version bumped to 2.0.0
+
+### Architecture Documentation
+- Added Buddy (Cloudflare) architecture reference showing the production deployment
+- Documents the full Cloudflare stack: Workers, Durable Objects, D1, KV, R2, Vectorize
+- Includes ReAct loop, semantic memory, monitoring, and billing system details
+- Serves as a reference for contributors building the equivalent in Python
+
+## v1.0.0 — 2026-02-10 (Initial Release)
+
+- 28 custom Google Ads API actions
+- 6 specialized sub-agents (Reporting, Research, Optimization, Shopping, Creative, Creative Innovate)
+- Programmatic deployment via Anthropic API (Path A)
+- Agent platform deployment guide (Path B)
+- FastAPI REST server with session management
+- Docker support
+- Interactive CLI

CONTRIBUTING.md

@@ -0,0 +1,79 @@
+# Contributing to Google Ads API Agent
+
+We welcome contributions! Here's how to get started.
+
+## Priority Areas
+
+1. **Optimization sub-agent actions** — The system prompt is written but needs API actions built
+2. **Shopping & PMax sub-agent actions** — Same as above
+3. **Test coverage** — Unit tests for the deploy package and action files
+4. **Documentation** — Tutorials, guides, video walkthroughs
+
+## Development Setup
+
+```bash
+# Clone
+git clone https://github.com/itallstartedwithaidea/google-ads-api-agent.git
+cd google-ads-api-agent
+
+# Virtual environment
+python -m venv venv
+source venv/bin/activate
+
+# Install with all extras
+pip install -e ".[all]"
+
+# Copy env template
+cp .env.example .env
+# Fill in your credentials
+
+# Validate
+python scripts/validate.py
+```
+
+## Submitting Changes
+
+1. Fork the repo
+2. Create a feature branch: `git checkout -b feature/my-feature`
+3. Make your changes
+4. Test with a Google Ads test account (never use production accounts for testing)
+5. Commit with a clear message: `git commit -m "Add: optimization sub-agent bulk operations"`
+6. Push and open a PR
+
+## Code Style
+
+- Python 3.10+ with type hints
+- Follow existing patterns in `actions/` for new action files
+- All actions must have a `run()` function as the entry point
+- Use `logging` instead of `print()` for debug output
+
+## Security
+
+- **Never commit real API keys** — use `.env` and `.env.example`
+- **Never log credentials** — mask sensitive values in debug output
+- See [SECURITY.md](SECURITY.md) for the full security policy
+
+## Action File Template
+
+```python
+"""
+Action: My New Action
+Description: What this action does
+Credentials: Pattern B (4-key Google Ads)
+"""
+
+def run(action, customer_id=None, login_customer_id=None, **kwargs):
+    """
+    Entry point for the action.
+    
+    Args:
+        action: The specific operation to perform
+        customer_id: Google Ads customer ID
+        login_customer_id: MCC account ID
+    
+    Returns:
+        dict or str: Result of the operation
+    """
+    # Your implementation here
+    pass
+```

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 It All Started With AI Idea
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

SECURITY.md

@@ -0,0 +1,60 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please report it responsibly:
+
+1. **Do NOT open a public GitHub issue**
+2. Email: john@itallstartedwithaidea.com
+3. Include: description, steps to reproduce, potential impact
+4. We'll respond within 48 hours
+
+## Security Practices
+
+### Credentials
+
+- **Never commit API keys** — use `.env` files (gitignored) or secrets managers
+- **Rotate keys** if you suspect exposure — even in private repos
+- All credentials reference `.env` via `python-dotenv`; the `.env.example` contains only placeholders
+
+### CORS
+
+- The FastAPI server defaults to `localhost` origins only
+- Set `ALLOWED_ORIGINS` env var to a comma-separated list of your actual domains
+- **Never use `*` in production**
+
+### Rate Limiting
+
+- Built-in IP-based rate limiting (default: 30 req/min)
+- Configure via `RATE_LIMIT_MAX` env var
+- For production, add API key authentication
+
+### Input Validation
+
+- GAQL queries use parameterized patterns to prevent injection
+- All Google Ads API calls use the official `google-ads` Python SDK which handles escaping
+- Period/date range values are whitelisted where user-supplied
+
+### Write Safety
+
+- All write operations (campaign creation, bid changes, budget adjustments) use the **CEP Protocol**:
+  - **Confirm**: Agent presents what it will do
+  - **Execute**: Only after explicit user confirmation
+  - **Post-check**: Verify the operation succeeded
+- Pre-state snapshots captured before mutations
+
+### Error Handling
+
+- Server logs full error details internally
+- Client receives generic error messages (no stack traces, no internal paths)
+
+## Supported Versions
+
+| Version | Supported |
+|---------|-----------|
+| 2.x     | Yes       |
+| 1.x     | No        |
+
+## Dependencies
+
+Run `pip audit` regularly to check for known vulnerabilities in dependencies.

deploy/server.py

@@ -18,12 +18,14 @@
 import os
 import uuid
 import logging
+import time
+from collections import defaultdict
 from typing import Dict, Optional
 from contextlib import asynccontextmanager
 
-from fastapi import FastAPI, HTTPException
+from fastapi import FastAPI, HTTPException, Request
 from fastapi.middleware.cors import CORSMiddleware
-from fastapi.responses import StreamingResponse
+from fastapi.responses import StreamingResponse, JSONResponse
 from pydantic import BaseModel
 
 from deploy.orchestrator import GoogleAdsAgent, create_agent_system
@@ -33,12 +35,16 @@
 # ── Session Store ─────────────────────────────────────────────────────────────
 sessions: Dict[str, GoogleAdsAgent] = {}
 
+# ── Rate Limiting ─────────────────────────────────────────────────────────────
+rate_limit_store: Dict[str, list] = defaultdict(list)
+RATE_LIMIT_WINDOW = 60
+RATE_LIMIT_MAX = int(os.environ.get("RATE_LIMIT_MAX", "30"))
+
 
 @asynccontextmanager
 async def lifespan(app: FastAPI):
     """Startup/shutdown lifecycle."""
     logger.info("Google Ads Agent server starting...")
-    # Validate credentials on startup
     required_keys = ["ANTHROPIC_API_KEY"]
     missing = [k for k in required_keys if not os.environ.get(k)]
     if missing:
@@ -50,21 +56,43 @@ async def lifespan(app: FastAPI):
     sessions.clear()
 
 
+ALLOWED_ORIGINS = os.environ.get(
+    "ALLOWED_ORIGINS",
+    "http://localhost:3000,http://localhost:8000,http://127.0.0.1:3000"
+).split(",")
+
 app = FastAPI(
     title="Google Ads Agent API",
     description="Enterprise Google Ads management powered by Claude",
-    version="10.0.0",
+    version="2.0.0",
     lifespan=lifespan,
 )
 
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["*"],
-    allow_methods=["*"],
-    allow_headers=["*"],
+    allow_origins=ALLOWED_ORIGINS,
+    allow_methods=["POST", "GET", "DELETE", "OPTIONS"],
+    allow_headers=["Content-Type", "Authorization"],
 )
 
 
+@app.middleware("http")
+async def rate_limit_middleware(request: Request, call_next):
+    """Simple in-memory rate limiter per IP."""
+    client_ip = request.client.host if request.client else "unknown"
+    now = time.time()
+    rate_limit_store[client_ip] = [
+        t for t in rate_limit_store[client_ip] if t > now - RATE_LIMIT_WINDOW
+    ]
+    if len(rate_limit_store[client_ip]) >= RATE_LIMIT_MAX:
+        return JSONResponse(
+            status_code=429,
+            content={"error": "Rate limit exceeded. Try again shortly."},
+        )
+    rate_limit_store[client_ip].append(now)
+    return await call_next(request)
+
+
 # ── Models ────────────────────────────────────────────────────────────────────
 
 class ChatRequest(BaseModel):
@@ -121,8 +149,8 @@ async def chat(request: ChatRequest):
             tool_calls_made=tool_calls,
         )
     except Exception as e:
-        logger.error(f"Chat error: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
+        logger.error(f"Chat error: {e}", exc_info=True)
+        raise HTTPException(status_code=500, detail="An internal error occurred. Check server logs.")
 
 
 @app.post("/sessions", response_model=SessionInfo)