It is currently fairly easy to DoS the graph service, e.g., by performing a visit on the transposed graph starting from the empty file.
We should add safeguards against this. We already have accounting for the number of edges traversed during visit, so the easiest first step would be adding a maximum number of edges traversed during a visit. It should be a configuration option for the service, not overridable a runtime.