diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 8590bfb..f185530 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,61 +1,46 @@
-name: "CodeQL Analysis"
+name: "CodeQL Security Scan"
 
 on:
 push:
- branches: [ "main", "feature/karpathy-lab-init" ]
+ branches:
+ - main
 pull_request:
- branches: [ "main" ]
+ branches:
+ - main
 schedule:
- # Run CodeQL every Monday at 9:00 AM UTC
- - cron: '0 9 * * 1'
- workflow_dispatch:
-
-permissions:
- actions: read
- contents: read
- security-events: write
+ - cron: "0 3 * * 0" # Opcional: escaneo semanal cada domingo a las 03:00
 
 jobs:
 analyze:
- name: Analyze
+ name: Analyze code with CodeQL
 runs-on: ubuntu-latest
- timeout-minutes: 30
+
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
 
 strategy:
 fail-fast: false
 matrix:
- language: [ 'python' ]
+ language: ["python"]
 
 steps:
 - name: Checkout repository
+ uses: actions/checkout@v4
 uses: actions/checkout@v6
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v4
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v4
 
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v4
- with:
- languages: ${{ matrix.language }}
- queries: security-extended,security-and-quality
- config: |
- paths-ignore:
- - '**/test/**'
- - '**/tests/**'
- - '**/*_test.py'
- - '**/test_*.py'
-
- - name: Autobuild
- uses: github/codeql-action/autobuild@v4
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v4
- with:
- category: "/language:${{matrix.language}}"
- upload: true
- output: sarif-results
-
- - name: Upload CodeQL results
- uses: actions/upload-artifact@v4
- if: always()
- with:
- name: codeql-results
- path: sarif-results
- retention-days: 30
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v4
+ with:
+ category: "/language:${{ matrix.language }}"
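Review bot: The first `Checkout repository` step ends up with two `uses:` keys, because the added `uses: actions/checkout@v4` sits directly above the unchanged `uses: actions/checkout@v6`, and an identical second checkout step is added right after it. GitHub's workflow parser rejects duplicate mapping keys, so this file most likely fails validation and the CodeQL scan would then not run on push, pull request or schedule. Keep one checkout step with a single `uses:` line and delete the added duplicate step. Separately, the new `init` step no longer carries `queries: security-extended,security-and-quality`, so once the workflow loads the analysis falls back to the default query suite; restore that line under `with:` unless the narrower coverage is intended. Indentation is not recoverable in this view, so the nesting of the added steps under `steps:` should be checked as well.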
diff --git a/api/index.py b/api/index.py
index 18f61be..6dcd44b 100644
--- a/api/index.py
+++ b/api/index.py
@@ -1,41 +1,7 @@
-import os
-import sys
-from pathlib import Path
+from fastapi import APIRouter
 
-# Add the project root to Python path
-project_root = Path(__file__).parent.parent
-sys.path.insert(0, str(project_root))
+router = APIRouter()
 
-# Set environment variables for production
-os.environ.setdefault("ENVIRONMENT", "production")
-os.environ.setdefault(
- "SECRET_KEY", os.environ.get("SECRET_KEY", "vercel-production-key-change-in-env")
-)
-
-# Import the FastAPI app
-from app.main import app
-
-# Vercel expects the app to be named 'app'
-# If your FastAPI app is named differently, change this
-app = app
-
-
-# Optional: Add Vercel-specific middleware or configuration
-@app.middleware("http")
-async def add_vercel_headers(request, call_next):
- response = await call_next(request)
- response.headers["X-Vercel-Cache"] = "MISS"
- return response
-
-
-# Health check endpoint for Vercel
-@app.get("/api/health")
-async def health_check():
- return {"status": "healthy", "platform": "vercel", "app": "NeuroBank FastAPI"}
-
-
-# For local development
-if __name__ == "__main__":
- import uvicorn
-
- uvicorn.run(app, host="0.0.0.0", port=int(os.environ.get("PORT", 8000)))
+@router.get("/")
+def root():
+ return {"status": "ok"}
diff --git a/api/requirements.txt b/api/requirements.txt
index f3d6e10..732276c 100644
--- a/api/requirements.txt
+++ b/api/requirements.txt
@@ -1,8 +1,8 @@
 fastapi==0.116.1
+starlette==0.37.2
 starlette==0.47.2
 uvicorn[standard]==0.38.0
 uvloop==0.21.0
-
 pydantic==2.7.0
 pydantic-settings==2.2.1
diff --git a/clean_unused_imports.sh b/clean_unused_imports.sh
new file mode 100755
index 0000000..720ee03
--- /dev/null
+++ b/clean_unused_imports.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+autoflake --in-place --remove-unused-variables --remove-all-unused-imports -r app
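Review bot: After this change `api/index.py` defines only `router`; no module-level `app` remains, while the removed comment states that Vercel expects the ASGI application to be named `app`. Unless another entrypoint now mounts this router (none is visible in this diff), the deployment has nothing to serve and the `/api/health` probe is gone with it. If this file is still the Vercel entrypoint, add `app = FastAPI()` and `app.include_router(router)`, importing `FastAPI` alongside `APIRouter`. With the `SECRET_KEY` fallback removed, whatever reads that variable should refuse to start when it is unset rather than substitute a default of its own; that code is outside this diff.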
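Review bot: `starlette` is now pinned twice in `api/requirements.txt`, as the added `starlette==0.37.2` and the unchanged `starlette==0.47.2`, and pip cannot satisfy two different exact pins for one package, so the install should fail. The same hunk is repeated in the root `requirements.txt`. Drop the added line and keep `starlette==0.47.2`. If the older pin were the one kept instead, it would discard whatever fixes shipped between the two releases, and it should first be checked against the Starlette range that `fastapi==0.116.1` declares.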
diff --git a/neurobank-fastapi.code-workspace b/neurobank-fastapi.code-workspace
index 84589de..ce1b1ab 100644
--- a/neurobank-fastapi.code-workspace
+++ b/neurobank-fastapi.code-workspace
@@ -17,7 +17,16 @@
 "**/*.pyc": true,
 ".venv": true
 },
- "git.ignoreLimitWarning": true
+ "git.ignoreLimitWarning": true,
+ "cSpell.words": [
+ "asyncio",
+ "dotenv",
+ "jinja",
+ "loguru",
+ "pydantic",
+ "starlette",
+ "uvloop"
+ ]
 },
 "extensions": {
 "recommendations": [
diff --git a/requirements.txt b/requirements.txt
index f3d6e10..732276c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,8 +1,8 @@
 fastapi==0.116.1
+starlette==0.37.2
 starlette==0.47.2
 uvicorn[standard]==0.38.0
 uvloop==0.21.0
-
 pydantic==2.7.0
 pydantic-settings==2.2.1