Security considerations

[JoosepAlviste]

• Reducing the possible GraphQL vulnerabilities (e.g., max query complexity)
  • https://the-guild.dev/graphql/envelop/docs/guides/securing-your-graphql-api
• Rate limiting (based on user, IP)
• Maybe there are some Fastify plugins that we could enable?