
Hardening: safer CORS config + localhost bind defaults#2767

Open
TheodorNEngoy wants to merge 2 commits into IBM:main from TheodorNEngoy:codex/hardening-cors-bind

Conversation

@TheodorNEngoy

This hardens the LangChain agent runtime defaults to avoid two common security footguns for network-exposed MCP-adjacent servers:

  • CORS: stop combining CORS_ORIGINS=* with credentials. The app now reads CORS_ORIGINS/CORS_CREDENTIALS and forces credentials off when CORS_ORIGINS=* (with a warning), since wildcard+credentials is unsafe.
  • Bind host: default local dev runs to 127.0.0.1 instead of 0.0.0.0 in Makefile and start_agent.py (still configurable via HOST/PORT). The container Dockerfile remains --host 0.0.0.0.

Also updates .env.example to reflect safer defaults (CORS disabled by default; loopback bind by default).

Rationale: reduces accidental remote exposure + credentialed cross-origin access while keeping intentional remote deployments opt-in.

Signed-off-by: Theodor N. Engøy <theodornengoy@Mac.home>
@TheodorNEngoy force-pushed the codex/hardening-cors-bind branch from 722d4c0 to 2850c4a on February 8, 2026 18:36
@crivetimihai crivetimihai self-assigned this Feb 9, 2026
@crivetimihai crivetimihai added this to the Release 1.0.0-RC1 milestone Feb 9, 2026
@crivetimihai
Member

Thanks for this hardening PR, @TheodorNEngoy! Solid security improvements:

  • Catching the wildcard CORS + credentials anti-pattern and logging a warning is exactly right.
  • Defaulting to localhost binding and CORS-disabled is good principle of least privilege.

A couple of minor suggestions:

  1. DRY the port parsing: _env_int is defined in app.py but the same logic is manually reimplemented in start_agent.py (lines 116-120). Consider sharing the helper.
  2. Makefile hardcodes host: The run/dev targets use literal --host 127.0.0.1, so HOST=0.0.0.0 make run won't work as expected. Using --host $${HOST:-127.0.0.1} would be more consistent.

Neither is a blocker. LGTM!

Signed-off-by: Theodor N. Engøy <theodornengoy@eduroam-193-157-246-146.wlan.uio.no>
@TheodorNEngoy
Author

Thanks! Addressed both nits:

  • DRY port parsing: factored env helpers into agent_runtimes/langchain_agent/env_utils.py and start_agent.py now uses shared _env_int().
  • Makefile HOST override: run/dev now use --host $${HOST:-127.0.0.1} and --port $${PORT:-8000} so HOST=0.0.0.0 make run behaves as expected.
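The CORS guard and loopback bind default described in the PR description, together with the shared integer env helper mentioned in the reply above, as an added Python example. This is illustrative code written for this page, not the PR's own app.py, start_agent.py or env_utils.py: the function names (load_cors_settings, load_bind_settings, env_int, env_bool), the comma-separated parsing of CORS_ORIGINS, the accepted truthy spellings for CORS_CREDENTIALS and the 1-65535 port range check are assumptions, and the sample environment at the bottom is constructed.

```python
"""Env-driven CORS and bind settings with the wildcard+credentials guard.

Added illustration for this PR thread, not the project's code. All names
and parsing rules below are assumptions made for the example.
"""
from __future__ import annotations

import logging
import os
from dataclasses import dataclass
from typing import Mapping, Optional

log = logging.getLogger("agent_runtime.config")

_TRUE_VALUES = {"1", "true", "yes", "on"}  # assumed truthy spellings


def env_bool(name: str, default: bool, env: Optional[Mapping[str, str]] = None) -> bool:
    """Read a boolean env var; anything not in _TRUE_VALUES is False."""
    raw = (os.environ if env is None else env).get(name)
    if raw is None or not raw.strip():
        return default
    return raw.strip().lower() in _TRUE_VALUES


def env_int(name: str, default: int, env: Optional[Mapping[str, str]] = None,
            lo: int = 1, hi: int = 65535) -> int:
    """Read an integer env var; fall back to default when missing, non-numeric
    or outside [lo, hi] (the default range suits TCP ports)."""
    raw = (os.environ if env is None else env).get(name)
    if raw is None or not raw.strip():
        return default
    try:
        value = int(raw.strip())
    except ValueError:
        log.warning("%s=%r is not an integer; using %d", name, raw, default)
        return default
    if not lo <= value <= hi:
        log.warning("%s=%d is outside %d-%d; using %d", name, value, lo, hi, default)
        return default
    return value


@dataclass(frozen=True)
class CorsSettings:
    enabled: bool
    origins: tuple[str, ...]
    allow_credentials: bool


def load_cors_settings(env: Optional[Mapping[str, str]] = None) -> CorsSettings:
    """CORS is off unless CORS_ORIGINS is set; '*' never combines with credentials."""
    env = os.environ if env is None else env
    raw = env.get("CORS_ORIGINS", "").strip()
    if not raw:
        return CorsSettings(enabled=False, origins=(), allow_credentials=False)
    origins = tuple(o.strip() for o in raw.split(",") if o.strip())
    credentials = env_bool("CORS_CREDENTIALS", False, env)
    if "*" in origins:
        if len(origins) > 1:
            log.warning("CORS_ORIGINS mixes '*' with explicit origins; '*' wins")
        origins = ("*",)
        if credentials:
            # Wildcard origin plus credentials lets any site make authenticated
            # cross-origin requests, so the credential flag is dropped here.
            log.warning("CORS_ORIGINS=* with CORS_CREDENTIALS=true is unsafe; "
                        "forcing credentials off")
            credentials = False
    return CorsSettings(enabled=True, origins=origins, allow_credentials=credentials)


@dataclass(frozen=True)
class BindSettings:
    host: str
    port: int


def load_bind_settings(env: Optional[Mapping[str, str]] = None) -> BindSettings:
    """Loopback unless HOST is set explicitly; PORT falls back to 8000."""
    env = os.environ if env is None else env
    host = env.get("HOST", "").strip() or "127.0.0.1"
    if host == "0.0.0.0":
        log.warning("HOST=0.0.0.0 exposes the agent on every interface")
    return BindSettings(host=host, port=env_int("PORT", 8000, env))


def cors_middleware_kwargs(cfg: CorsSettings) -> dict:
    """Keyword arguments in the shape Starlette's CORSMiddleware accepts."""
    return {
        "allow_origins": list(cfg.origins),
        "allow_credentials": cfg.allow_credentials,
        "allow_methods": ["*"],
        "allow_headers": ["*"],
    }


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    # Constructed sample environment: the exact footgun the PR guards against.
    sample_env = {"CORS_ORIGINS": "*", "CORS_CREDENTIALS": "true", "PORT": "abc"}
    print(load_cors_settings(sample_env))
    print(load_bind_settings(sample_env))
```

The guard belongs in configuration rather than being left to the browser: browsers do refuse `Access-Control-Allow-Origin: *` on credentialed responses, but Starlette's CORSMiddleware (which FastAPI wraps) reflects the requesting Origin instead of `*` when a cookie is present and all origins are allowed, which turns wildcard+credentials into "any origin with credentials" in practice.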

3 participants