1. F1503 SSRF Regression: isSafeURL Guard Deleted from Staging Leaves Metadata Endpoint Unprotected
A critical security regression has been identified in the F1503 staging branch, exposing a dangerous gap in server-side request forgery (SSRF) protection. Core-OffSec Audit #17 has confirmed that a2a_proxy_helpers.go, which housed the isSafeURL SSRF guard function, was deleted from the staging environment. The deletion...