I don't plan to develop new features for Agora for the foreseeable future, but you can probably mitigate the problem using the pre-existing ratelimit system built in to Agora. For instance, in https://github.com/Pecon/Agora/blob/master/themes/twilight/register.php#L144 the registration action is limited to at most two signups per ten minute (600 second) period. You can increase the timeout period and/or reduce the number of signups allowed in the time period to help mitigate spammy actions. This rate limit system also is applied to all the other actions you referred to, you can search the codebase for uses of 'checkRateLimitAction' to find and modify the rate limiting behavior of all those other actions as you would like.
Hopefully that helps whatever issues you're dealing with.
