As recommended in docs/security.md, implement rate limiting on the /a2a/message endpoint.\n\nAcceptance criteria:\n- Configurable via env vars (requests per minute)\n- Per-IP and per-agent limits\n- 429 response with Retry-After header