## Build & Development Commands
- Use Environment Variables for API Keys: Store sensitive API keys (e.g., OpenAI API key) in environment variables instead of hardcoding them in the source code. Use the os library to access these variables in your application.

- Implement Input Validation: Validate user inputs to ensure they conform to expected formats (e.g., code snippets) before processing them. This helps prevent injection attacks and ensures the integrity of the analysis.

- Limit API Call Frequency: Implement rate limiting to avoid exceeding API usage limits. This can be done by tracking the number of requests made in a given time frame and pausing or queuing requests as necessary.

- Error Handling and Logging: Implement robust error handling to manage exceptions gracefully. Log errors and important events to a secure logging system for monitoring and debugging purposes.

- Use Memory Wisely: If using LangChain's memory features, ensure that sensitive information is not stored in memory. Use memory only for context that is necessary for the conversation or analysis.

- Secure Dependencies: Regularly update dependencies to their latest versions to mitigate vulnerabilities. Use tools like pip-audit to check for known vulnerabilities in your dependencies.

- Limit Code Execution Context: If the tool allows for executing user-provided code, ensure that it runs in a secure, isolated environment (e.g., using Docker or a sandbox) to prevent malicious code execution.

- Document Code and API Usage: Maintain clear documentation for the codebase and API usage. This includes documenting the purpose of each function, expected inputs, and outputs, as well as any limitations.

- Implement User Authentication (if applicable): If the tool will be used by multiple users, implement user authentication to control access to the tool and its features. Use secure methods for user authentication (e.g., OAuth, JWT).

- Regular Security Audits: Conduct regular security audits of the codebase and infrastructure to identify and address potential vulnerabilities. This includes reviewing access controls, API key management, and data handling practices.

## Testing Guidelines
- Unit Testing: Write unit tests for all functions and classes in your codebase. Each test should cover a specific functionality or behavior of the code. Use a testing framework like unittest or pytest to organize and run your tests.

- Mock External API Calls: When testing functions that make calls to external APIs (e.g., OpenAI), use mocking to simulate API responses. This prevents actual API calls during testing and allows you to test various scenarios. Libraries like unittest.mock or responses can be used for mocking.

- Test Edge Cases: Identify and test edge cases, such as empty inputs, invalid data formats, and extreme values. Ensure that the agent handles these cases gracefully without crashing.

- Integration Testing: Write integration tests to verify that different components of the application work together as expected. This includes testing the interaction between the LLM agent and other parts of the system (e.g., user input handling, output formatting).

- Security Testing: Test for vulnerabilities, such as injection attacks or unauthorized access. Ensure that user inputs are sanitized and that sensitive information is not exposed in error messages or logs.

- Documentation of Test Cases: Document all test cases, including the purpose of each test, the expected outcomes, and any specific scenarios being tested. This aids in understanding the testing strategy and facilitates future maintenance.

## Code Style & Guidelines 
- Follow PEP 8 Guidelines: Adhere to the PEP 8 style guide for Python code. This includes naming conventions, indentation, line length, and spacing. Use tools like flake8 or pylint to enforce these guidelines.

- Use Meaningful Variable and Function Names: Choose descriptive names for variables and functions that clearly convey their purpose. Avoid abbreviations and single-letter names unless they are widely understood (e.g., i for index).

Keep Functions Small and Focused: Write small, focused functions that perform a single task. This makes the code easier to read, test, and maintain. If a function is too long, consider breaking it into smaller helper functions.

- Consistent Indentation: Use consistent indentation (4 spaces per level is standard in Python). Avoid mixing tabs and spaces, as this can lead to confusion and errors.

- Use Type Annotations: Utilize type annotations to specify the expected types of function parameters and return values. This improves code readability and helps with static type checking.

## Documentation Guidelines 
- Comment and Document Your Code: Write comments to explain complex logic or decisions in your code. Use docstrings to document functions, classes, and modules, including parameters, return values, and exceptions raised.