docs: render Ask AI answers as markdown + harden the chat endpoint

Markdown: render assistant messages with streamdown (the same AI-streaming
markdown component the main app's chat uses), so bold/lists/code render
instead of raw **asterisks**. User messages stay plain text.

Abuse guards: the endpoint proxies a paid LLM, so cap the cost of any single
request — max messages, max input size, max output tokens, fewer tool steps —
and reject obvious cross-origin calls (lenient: Origin is a filter, not a
boundary). Durable per-IP rate limiting, a provider spend cap, and edge bot
protection are provisioned separately.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Author: ouiliame

apps/docs/app/api/chat/route.ts

@@ -14,6 +14,45 @@ const CHAT_MODEL = process.env.OPENAI_CHAT_MODEL || 'gpt-5.4-mini'
 /** Max documentation chunks returned per search to ground an answer. */
 const SEARCH_LIMIT = 6
 
+/**
+ * Abuse guards. This endpoint proxies a paid LLM, so an unauthenticated public
+ * route is a target for scripted "free inference". These bounds cap the cost of
+ * any single request; durable per-IP rate limiting, a provider spend cap, and
+ * edge bot protection are provisioned separately (see the PR checklist).
+ */
+const MAX_MESSAGES = 30
+const MAX_INPUT_CHARS = 12_000
+const MAX_OUTPUT_TOKENS = 800
+const MAX_STEPS = 3
+
+/**
+ * Reject obvious cross-origin calls. Same-origin browser requests send an
+ * `Origin` header matching the host; we allow those, plus any host in
+ * DOCS_ALLOWED_ORIGINS (comma-separated). Requests with no Origin (e.g. curl)
+ * are allowed through to the cost caps rather than blocked, since Origin is
+ * trivially spoofable and is a filter, not a security boundary.
+ */
+function isAllowedOrigin(req: Request): boolean {
+  const origin = req.headers.get('origin')
+  if (!origin) return true
+
+  let originHost: string
+  try {
+    originHost = new URL(origin).host
+  } catch {
+    return false
+  }
+
+  const requestHost = req.headers.get('x-forwarded-host') ?? req.headers.get('host')
+  if (originHost === requestHost) return true
+
+  const allowlist = (process.env.DOCS_ALLOWED_ORIGINS ?? '')
+    .split(',')
+    .map((value) => value.trim())
+    .filter(Boolean)
+  return allowlist.includes(originHost)
+}
+
 const SYSTEM_PROMPT = `You are the documentation assistant for Sim — the open-source AI workspace where teams build, deploy, and manage AI agents.
 
 Answer questions about Sim using the documentation. Always call the searchDocs tool before answering anything specific about Sim's features, configuration, or usage — do not answer from memory. Base your answer only on the returned documentation; if the docs do not cover the question, say so plainly rather than guessing.
@@ -52,13 +91,25 @@ async function searchDocs(query: string) {
 }
 
 export async function POST(req: Request) {
+  if (!isAllowedOrigin(req)) {
+    return new Response('Forbidden', { status: 403 })
+  }
+
   const { messages }: { messages: UIMessage[] } = await req.json()
 
+  if (!Array.isArray(messages) || messages.length === 0 || messages.length > MAX_MESSAGES) {
+    return new Response('Invalid request', { status: 400 })
+  }
+  if (JSON.stringify(messages).length > MAX_INPUT_CHARS) {
+    return new Response('Request too large', { status: 413 })
+  }
+
   const result = streamText({
     model: openai(CHAT_MODEL),
     system: SYSTEM_PROMPT,
     messages: convertToModelMessages(messages),
-    stopWhen: stepCountIs(5),
+    stopWhen: stepCountIs(MAX_STEPS),
+    maxOutputTokens: MAX_OUTPUT_TOKENS,
     tools: {
       searchDocs: tool({
         description:

apps/docs/components/ai/ask-ai.tsx

@@ -4,7 +4,9 @@ import { type FormEvent, useEffect, useRef, useState } from 'react'
 import { useChat } from '@ai-sdk/react'
 import { DefaultChatTransport } from 'ai'
 import { ArrowUp, MessageCircle, Square, X } from 'lucide-react'
+import { Streamdown } from 'streamdown'
 import { cn } from '@/lib/utils'
+import 'streamdown/styles.css'
 
 interface DocSource {
   title: string
@@ -110,16 +112,21 @@ export function AskAI() {
                     message.role === 'user' ? 'items-end' : 'items-start'
                   )}
                 >
-                  <div
-                    className={cn(
-                      'max-w-[90%] whitespace-pre-wrap rounded-lg px-3 py-2 text-sm',
-                      message.role === 'user'
-                        ? 'bg-[var(--surface-active)] text-[var(--text-base)]'
-                        : 'text-[var(--text-base)]'
-                    )}
-                  >
-                    {text || (isBusy ? '…' : '')}
-                  </div>
+                  {message.role === 'user' ? (
+                    <div className='max-w-[90%] whitespace-pre-wrap rounded-lg bg-[var(--surface-active)] px-3 py-2 text-[var(--text-base)] text-sm'>
+                      {text}
+                    </div>
+                  ) : (
+                    <div className='max-w-[90%] text-[var(--text-base)] text-sm'>
+                      {text ? (
+                        <Streamdown className='space-y-2 text-sm leading-relaxed [&_a]:text-[var(--text-link)] [&_a]:underline [&_li]:my-0.5 [&_ol]:list-decimal [&_ol]:pl-5 [&_ul]:list-disc [&_ul]:pl-5'>
+                          {text}
+                        </Streamdown>
+                      ) : isBusy ? (
+                        '…'
+                      ) : null}
+                    </div>
+                  )}
                   {sources.length > 0 && (
                     <div className='flex max-w-[90%] flex-wrap gap-1.5'>
                       {sources.map((source) => (

apps/docs/package.json

@@ -34,6 +34,7 @@
     "react": "19.2.4",
     "react-dom": "19.2.4",
     "shiki": "4.0.0",
+    "streamdown": "2.5.0",
     "tailwind-merge": "^3.0.2",
     "reactflow": "^11.11.4",
     "framer-motion": "^12.5.0",