add AGENTS.md to repo; fix .gitignore fox NextJS files

[3clyp50]

Summary by CodeRabbit

• Documentation
  • Added comprehensive project documentation including setup instructions, development patterns, API reference, testing strategies, and operational guidance.

[qodo-code-review]

Review Summary by Qodo

Add comprehensive AGENTS.md documentation and fix Next.js .gitignore

📝 Documentation

Walkthroughs

Description

• Add comprehensive AGENTS.md documentation for Novion platform
• Document full tech stack, project structure, and development patterns
• Include API documentation, testing strategy, and troubleshooting guide
• Fix .gitignore to properly exclude Next.js build artifacts

Diagram

flowchart LR
  A["Repository"] -->|Add| B["AGENTS.md<br/>1873 lines"]
  B -->|Contains| C["Quick Reference<br/>& Commands"]
  B -->|Contains| D["Project Structure<br/>& Patterns"]
  B -->|Contains| E["API Documentation<br/>& Examples"]
  B -->|Contains| F["Testing Strategy<br/>& Troubleshooting"]
  A -->|Update| G[".gitignore<br/>Next.js files"]

Loading

File Changes

1. AGENTS.md 📝 Documentation +1873/-0

Comprehensive developer documentation for Novion platform

• Created comprehensive 1873-line developer guide for Novion medical research platform
• Documents quick reference with backend/frontend dev server commands and tech stack
• Includes detailed project structure with key files and directory organization
• Provides development patterns and conventions for Python/FastAPI backend and Next.js/TypeScript
 frontend
• Documents complete REST API endpoints for chat, MCP tools, and BiomedParse GPU services
• Includes testing strategy, environment configuration, database setup, and troubleshooting guide
• Covers safety/permissions, git workflow, and onboarding checklist for new developers

AGENTS.md

---

2. .gitignore ⚙️ Configuration changes +0/-0

Fix .gitignore for Next.js files

• Updated to properly exclude Next.js build artifacts and cache directories
• Ensures .next, out, and other Next.js generated files are not committed

.gitignore

---

[gemini-code-assist]

Summary of Changes

Hello @3clyp50, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the project's documentation by introducing a detailed guide for developers and contributors. This new document covers everything from the project's technical stack and core commands to development conventions, API specifications, and troubleshooting, aiming to streamline onboarding and maintain consistency. Concurrently, the .gitignore file was refined to ensure proper exclusion of Next.js-specific build outputs, improving repository cleanliness and build reliability.

Highlights

• New Documentation File: A comprehensive AGENTS.md file has been added, detailing the project's architecture, development patterns, API documentation, testing strategy, and operational guidelines for the Novion platform.
• .gitignore Updates: The .gitignore file has been updated to correctly ignore Next.js build artifacts by specifying the frontend/.next/ path and removing an unnecessary newline.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• .gitignore
  • Corrected the path for ignoring Next.js build output from /.next/ to frontend/.next/.
  • Removed an extraneous blank line at the top of the file.
  • Ensured the file ends with a newline character.
• AGENTS.md
  • Added a new Markdown file providing extensive documentation for the Novion Medical Research and Analysis Platform.
  • Included sections on project overview, core commands, project structure, development patterns (backend/frontend), safety and permissions, code examples, API documentation, database usage, environment configuration, testing strategy, troubleshooting, and Git workflow.
  • Provided a quick start checklist for new developers.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

The pull request updates the .gitignore configuration to target frontend/.next/ instead of the root /.next/ directory and adds a new comprehensive documentation file (AGENTS.md) detailing the Novion project's setup, runtime commands, development patterns, API usage, testing strategy, and operational guidance.

Changes

Cohort / File(s)	Summary
Configuration .gitignore	Updated path pattern from /.next/ to frontend/.next/ to properly ignore frontend build artifacts; added formatting blank line.
Documentation AGENTS.md	New comprehensive reference guide covering project overview, runtime commands, structure, development patterns, API documentation, backend/frontend code examples, environment configuration, testing strategies, troubleshooting, Git workflow, and contributor guidance.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~15 minutes

Poem

🐰 A paths adjustment, quite neat,
With docs so thorough, the guide's complete,
Frontend builds hidden from sight,
And guidance abundant, shining bright! 📚✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the two main changes: adding AGENTS.md documentation and fixing .gitignore for NextJS files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive AGENTS.md guide for developers and corrects an incorrect path in the .gitignore file for Next.js build artifacts. The new documentation is very detailed and will be a great resource. I've identified a few inconsistencies and areas for clarification within AGENTS.md, such as inconsistent project and Docker image naming, an ambiguous component naming convention, and a confusing code example. Addressing these points will improve the clarity and consistency of the documentation for new contributors. The .gitignore change is correct and necessary for the monorepo structure.

[gemini-code-assist]

There's an inconsistency in the project name used across the documentation. This file (AGENTS.md) refers to the project as "Novion", while other documentation files like DEPLOY_GPU.md and DEPLOY_LOCAL.md refer to it as "RadSysX". The frontend package name is "radx" and some backend classes also use RadSysX. To avoid confusion for new developers, it would be beneficial to standardize on a single project name throughout all documentation.

[3clyp50]

No worries Gem, project name's actually RadSysX.

[gemini-code-assist]

The Docker image name novion-backend:gpu used here is inconsistent with the name radsysx-backend:gpu used in DEPLOY_GPU.md. This can lead to confusion and errors during deployment. Please ensure the Docker image name is consistent across all documentation.

Suggested change

	docker build -t novion-backend:gpu -f backend/Dockerfile .
	# Run with GPU support
	docker run --gpus all -p 8000:8000 \
	-e BP3D_CKPT=/weights/biomedparse_3D_AllData_MultiView_edge.ckpt \
	-e BP_TMP_TTL=7200 -e BP_TMP_SWEEP=1800 -e BP_VALIDATE_HEATMAP=1 \
	-v /opt/weights:/weights \
	novion-backend:gpu
	docker build -t radsysx-backend:gpu -f backend/Dockerfile .
	# Run with GPU support
	docker run --gpus all -p 8000:8000 \
	-e BP3D_CKPT=/weights/biomedparse_3D_AllData_MultiView_edge.ckpt \
	-e BP_TMP_TTL=7200 -e BP_TMP_SWEEP=1800 -e BP_VALIDATE_HEATMAP=1 \
	-v /opt/weights:/weights \
	radsysx-backend:gpu

[gemini-code-assist]

The file naming convention for components is ambiguous. It states to use kebab-case but also PascalCase 'when standard'. The examples in the project structure (DicomViewer.tsx, AdvancedViewer.tsx) suggest PascalCase is the primary convention for component files. To improve clarity, consider simplifying this rule.

Suggested change

	- **Files**: kebab-case for components (`dicom-viewer.tsx`), PascalCase for component files when standard (`DicomViewer.tsx`)
	- **Files**: PascalCase for component files (e.g., `DicomViewer.tsx`).

[gemini-code-assist]

The 'BAD' example for mixing type and value imports is confusing because it includes CoreViewer, which isn't from lib/types. This distracts from the main point about using import type for types. Simplifying the example would make the rule clearer.

Suggested change

	❌ **BAD - Mixing type and value imports**:
	```tsx
	// Don't mix when importing types
	import { DicomImage, CoreViewer } from '@/lib/types'; // BAD
	// Instead:
	import type { DicomImage } from '@/lib/types';
	import { CoreViewer } from '@/components/core/CoreViewer';
	```
	❌ **BAD - Mixing type and value imports**:
	```tsx
	// Don't use a value import for a type-only file.
	import { DicomImage } from '@/lib/types'; // BAD: DicomImage is a type.
	// Instead:
	import type { DicomImage } from '@/lib/types';
	import { CoreViewer } from '@/components/core/CoreViewer';

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (6) 📘 Rule violations (1) 📎 Requirement gaps (0)

1. Wrong tool endpoint 🐞 Bug ✓ Correctness

Description

AGENTS.md instructs clients to call POST /tools/execute, but the backend implements POST
/execute_tool. Following the doc (and the existing test client) will cause 404s and prevent MCP
tool execution.

Code

AGENTS.md[R874-884]

+##### POST `/tools/execute` - Execute MCP Tool
+Request:
+```json
+{
+  "tool_name": "query_fhir",
+  "params": {
+    "resource_type": "Patient",
+    "search_params": {"name": "John"}
+  }
+}
+```

Evidence

AGENTS.md documents /tools/execute, while the FastAPI app exposes /execute_tool. The
repository’s test client also calls /tools/execute, confirming real breakage against the current
server implementation.

AGENTS.md[874-885]
backend/server.py[273-276]
tests/test_client.py[40-45]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`AGENTS.md` (and `tests/test_client.py`) call `POST /tools/execute`, but the FastAPI backend only exposes `POST /execute_tool`, causing 404s and breaking tool execution.

## Issue Context
This repo already has a test client wired to `/tools/execute`, so the likely intent is that the backend should serve that route (or at least provide an alias).

## Fix Focus Areas
- AGENTS.md[874-885]
- backend/server.py[273-305]
- tests/test_client.py[35-45]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. Nonexistent /chat/ask 🐞 Bug ✓ Correctness

Description

AGENTS.md documents POST /chat/ask and a /chat payload with model and agent_type, but the
backend only implements /chat and /chat/stream with a different request schema. Clients built
from the doc will fail or send ignored fields.

Code

AGENTS.md[R802-846]

+##### POST `/chat` - Direct LLM Chat
+Request:
+```json
+{
+  "message": "Explain the mechanism of aspirin",
+  "model": "gpt-4",  // or "gemini-pro"
+  "agent_type": null  // null for general chat
+}
+```
+
+Response:
+```json
+{
+  "response": "Aspirin works by...",
+  "model": "gpt-4"
+}
+```
+
+##### POST `/chat/stream` - Streaming Chat
+Request: Same as `/chat`
+
+Response: Server-Sent Events (SSE) stream
+```
+data: {"chunk": "Aspirin"}
+data: {"chunk": " works"}
+data: {"chunk": " by..."}
+```
+
+##### POST `/chat/ask` - Specialized Agent Consultation
+Request:
+```json
+{
+  "query": "What are the side effects of ibuprofen?",
+  "agent_type": "pharmacist",  // or "researcher", "medical_analyst"
+  "model": "gpt-4"
+}
+```
+
+Response:
+```json
+{
+  "response": "<think>Analyzing ibuprofen side effects...</think>\n\nCommon side effects include...",
+  "agent_type": "pharmacist"
+}
+```

Evidence

The documented /chat/ask endpoint is not implemented in backend/server.py. Additionally, the
backend’s ChatRequest expects model_provider/model_name, not model/agent_type as
documented.

AGENTS.md[802-838]
backend/server.py[46-50]
backend/server.py[225-246]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`AGENTS.md` documents a `/chat/ask` endpoint and request fields (`model`, `agent_type`) that do not exist in the backend. This will mislead developers and break clients.

## Issue Context
The backend currently exposes `/chat` and `/chat/stream` only, using `ChatRequest(message, model_provider, model_name)`.

## Fix Focus Areas
- AGENTS.md[800-852]
- backend/server.py[46-50]
- backend/server.py[225-270]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

3. BiomedParse docs incorrect 🐞 Bug ✓ Correctness

Description

AGENTS.md claims BiomedParse endpoints are available under the main FastAPI server and shows
response shapes that don’t match the implemented router models. The backend defines a BiomedParse
router, but it is not mounted in backend/server.py, so the documented endpoints will be
unreachable via python backend/server.py.

Code

AGENTS.md[R937-984]

+#### BiomedParse Endpoints (GPU Backend)
+
+**Base URL**: `http://localhost:8000/api/biomedparse/v1`
+
+##### GET `/health` - Health Check
+Response:
+```json
+{
+  "status": "healthy",
+  "gpu_available": true,
+  "checkpoint_loaded": true
+}
+```
+
+##### POST `/predict-2d` - 2D Image Segmentation
+Request: `multipart/form-data`
+- `file`: Image file (PNG, JPG)
+- `prompts`: Comma-separated prompts (e.g., "liver, tumor")
+- `threshold`: Float (default: 0.5)
+- `return_heatmap`: Boolean (default: false)
+
+Response:
+```json
+{
+  "seg_url": "/files/seg_abc123.npz",
+  "prob_url": "/files/prob_abc123.npz",
+  "prompts": ["liver", "tumor"],
+  "threshold": 0.5
+}
+```
+
+##### POST `/predict-3d-nifti` - 3D Volume Segmentation
+Request: `multipart/form-data`
+- `file`: NIfTI file (.nii, .nii.gz)
+- `prompts`: Comma-separated prompts
+- `threshold`: Float (default: 0.5)
+- `return_heatmap`: Boolean (default: false)
+- `slice_batch_size`: Integer (optional, auto-tuned by GPU VRAM)
+
+Response:
+```json
+{
+  "mask_url": "/files/mask_xyz789.nii.gz",
+  "heatmap_url": "/files/heatmap_xyz789.nii.gz",
+  "prompts": ["liver"],
+  "threshold": 0.5
+}
+```

Evidence

The BiomedParse router exists with prefix /api/biomedparse/v1, but backend/server.py does not
import/include it, meaning the documented base URL won’t work. Additionally, the backend response is
{status, results} with NPZ artifact URLs, not the seg_url/prob_url and .nii.gz examples shown
in AGENTS.md.

AGENTS.md[939-984]
backend/biomedparse_api.py[45-46]
backend/biomedparse_api.py[397-432]
backend/server.py[16-21]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`AGENTS.md` documents BiomedParse endpoints under the main backend, but the router is not included in the FastAPI app started by `backend/server.py`. Response examples also don’t match the implemented schema.

## Issue Context
The BiomedParse implementation exists as a FastAPI `APIRouter` with prefix `/api/biomedparse/v1`, but the app doesn’t `include_router` it.

## Fix Focus Areas
- AGENTS.md[937-984]
- backend/biomedparse_api.py[45-46]
- backend/biomedparse_api.py[397-432]
- backend/server.py[1-37]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

4. HTTPException leaks str(e) 📘 Rule violation ⛨ Security

Description

The new FastAPI example in AGENTS.md recommends returning detail=f"Error: {str(e)}", which can
expose internal exception details to end users. This conflicts with the secure error handling
requirement to keep user-facing errors generic and log details only to internal logs.

Code

AGENTS.md[R281-290]

+async def chat_endpoint(request: ChatRequest):
+    try:
+        response = await chat_interface.get_response(
+            request.message, 
+            model=request.model
+        )
+        return {"response": response}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=f"Error: {str(e)}")
+```

Evidence

PR Compliance ID 4 requires that user-facing errors not reveal internal implementation details;
however, the added documentation example explicitly includes the exception string in the HTTP
response detail.

Rule 4: Generic: Secure Error Handling
AGENTS.md[281-290]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The FastAPI example in `AGENTS.md` returns `HTTPException(..., detail=f"Error: {str(e)}")`, which may expose internal exception details to API clients.

## Issue Context
The compliance checklist requires user-facing errors to be generic, with detailed stack traces/details only in secure internal logs.

## Fix Focus Areas
- AGENTS.md[281-290]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

5. Frontend API client mismatch 🐞 Bug ✓ Correctness

Description

AGENTS.md instructs importing an api client from frontend/lib/api.ts and using methods like
post() and streamChat(), but frontend/lib/api.ts exports apiClient and uses fetch()
against Next.js /api routes; no streamChat API exists. This will cause immediate import/runtime
errors for developers following the doc.

Code

AGENTS.md[R988-1034]

+Always use the centralized API client from `lib/api.ts`:
+
+```tsx
+import { api } from '@/lib/api';
+
+// Chat with LLM
+const chatResponse = await api.post('/chat', {
+  message: 'Explain diabetes treatment options',
+  model: 'gpt-4'
+});
+
+// Ask specialized agent
+const agentResponse = await api.post('/chat/ask', {
+  query: 'Latest clinical trials for type 2 diabetes',
+  agent_type: 'researcher',
+  model: 'gpt-4'
+});
+
+// Stream chat response
+const stream = await api.streamChat({
+  message: 'Analyze this ECG',
+  model: 'gpt-4'
+});
+
+for await (const chunk of stream) {
+  console.log(chunk.chunk);
+}
+
+// Execute MCP tool
+const toolResult = await api.post('/tools/execute', {
+  tool_name: 'query_fhir',
+  params: {
+    resource_type: 'Patient',
+    search_params: { name: 'Smith' }
+  }
+});
+
+// BiomedParse 3D segmentation
+const formData = new FormData();
+formData.append('file', niftiFile);
+formData.append('prompts', 'liver,tumor');
+
+const segResult = await api.post(
+  '/api/biomedparse/v1/predict-3d-nifti?return_heatmap=true',
+  formData,
+  { headers: { 'Content-Type': 'multipart/form-data' } }
+);

Evidence

AGENTS.md’s sample code references an API surface (api.post, api.streamChat) that does not exist
in the repository’s frontend/lib/api.ts, which exports an apiClient object with different
methods.

AGENTS.md[988-1014]
frontend/lib/api.ts[3-6]
frontend/lib/api.ts[78-85]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Documentation references a frontend API client (`api.post`, `api.streamChat`) that doesn’t exist, and points to `frontend/lib/api.ts` as the streaming backend client although it currently exports `apiClient` using `fetch`.

## Issue Context
This is likely to cause broken imports and confusion for new developers.

## Fix Focus Areas
- AGENTS.md[780-782]
- AGENTS.md[988-1034]
- frontend/lib/api.ts[1-85]
- frontend/lib/api/biomedparse.ts[1-116]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

6. PHI logging contradiction 🐞 Bug ⛨ Security

Description

AGENTS.md states PHI must never be logged, but the backend streaming endpoint prints part of the
user query to stdout. If queries include patient identifiers, this can leak PHI into logs and
conflicts with the documented policy.

Code

AGENTS.md[R729-734]

+⚠️ **CRITICAL - Protected Health Information (PHI) Handling**:
+- Never log actual patient data, DICOM patient info, or PHI to console/logs
+- All PHI access must be audited (user_id, action, resource_id, timestamp, ip_address)
+- DICOM files in `dicom-test-files/` are for testing only - treat as sensitive
+- When working with FHIR resources, always validate permissions
+- Test data should be anonymized or synthetic

Evidence

The new documentation sets a strict ‘never log PHI’ rule, but the current server implementation logs
user-provided query text (first 50 chars), which can contain PHI depending on usage.

AGENTS.md[729-734]
backend/server.py[125-130]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Docs assert PHI must never be logged, but backend currently logs query snippets in `/stream`, which may include PHI.

## Issue Context
Even partial query snippets can contain patient names/MRNs depending on how the system is used.

## Fix Focus Areas
- AGENTS.md[727-735]
- backend/server.py[99-131]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

View more (1)

7. Secret-scan false positives 🐞 Bug ⛨ Security

Description

AGENTS.md includes an OPENAI_API_KEY=sk-... example which can trip secret scanners/CI policies
that look for sk- patterns, despite being a placeholder.

Code

AGENTS.md[R1134-1137]

+# LLM API Keys (at least one required)
+OPENAI_API_KEY=sk-...
+GOOGLE_API_KEY=...  # For Gemini models
+ANTHROPIC_API_KEY=...  # For Claude models

Evidence

The placeholder uses a real-key-like prefix (sk-) commonly matched by secret detection tools,
which can block merges or trigger alerts.

AGENTS.md[1134-1137]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Documentation includes key-like placeholders that may be flagged by secret scanners.

## Issue Context
Many orgs enforce scanning rules that detect `sk-` patterns.

## Fix Focus Areas
- AGENTS.md[1133-1138]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

ⓘ The new review experience is currently in Beta. Learn more

[qodo-code-review]

1. Wrong tool endpoint 🐞 Bug ✓ Correctness

AGENTS.md instructs clients to call POST /tools/execute, but the backend implements POST
/execute_tool. Following the doc (and the existing test client) will cause 404s and prevent MCP
tool execution.

Agent Prompt

## Issue description
`AGENTS.md` (and `tests/test_client.py`) call `POST /tools/execute`, but the FastAPI backend only exposes `POST /execute_tool`, causing 404s and breaking tool execution.

## Issue Context
This repo already has a test client wired to `/tools/execute`, so the likely intent is that the backend should serve that route (or at least provide an alias).

## Fix Focus Areas
- AGENTS.md[874-885]
- backend/server.py[273-305]
- tests/test_client.py[35-45]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

[qodo-code-review]

2. Nonexistent /chat/ask 🐞 Bug ✓ Correctness

AGENTS.md documents POST /chat/ask and a /chat payload with model and agent_type, but the
backend only implements /chat and /chat/stream with a different request schema. Clients built
from the doc will fail or send ignored fields.

Agent Prompt

## Issue description
`AGENTS.md` documents a `/chat/ask` endpoint and request fields (`model`, `agent_type`) that do not exist in the backend. This will mislead developers and break clients.

## Issue Context
The backend currently exposes `/chat` and `/chat/stream` only, using `ChatRequest(message, model_provider, model_name)`.

## Fix Focus Areas
- AGENTS.md[800-852]
- backend/server.py[46-50]
- backend/server.py[225-270]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

[qodo-code-review]

3. Biomedparse docs incorrect 🐞 Bug ✓ Correctness

AGENTS.md claims BiomedParse endpoints are available under the main FastAPI server and shows
response shapes that don’t match the implemented router models. The backend defines a BiomedParse
router, but it is not mounted in backend/server.py, so the documented endpoints will be
unreachable via python backend/server.py.

Agent Prompt

## Issue description
`AGENTS.md` documents BiomedParse endpoints under the main backend, but the router is not included in the FastAPI app started by `backend/server.py`. Response examples also don’t match the implemented schema.

## Issue Context
The BiomedParse implementation exists as a FastAPI `APIRouter` with prefix `/api/biomedparse/v1`, but the app doesn’t `include_router` it.

## Fix Focus Areas
- AGENTS.md[937-984]
- backend/biomedparse_api.py[45-46]
- backend/biomedparse_api.py[397-432]
- backend/server.py[1-37]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools