#518 [API/Memory] Workflow list query - unbounded days filter

**File:** api/blueprints/v1/workflows.py:814-885 **Problem:** User can request `?days=36500` (100 years) and load millions of rows. No LIMIT clause when days parameter is provided. **Severity:** HIGH (DoS vector) **Fix:** ```python MAX_DAYS_FILTER = 90 days = min(request.args.get('days', type=int), MAX_DAYS_FILTER) # Add LIMIT even with days filter LIMIT 10000 ``` **Impact:** Trivial DoS - single request can exhaust server memory.