fix(security): resolve SSRF lint errors

packages/core/src/agents/a2a-client-manager.ts

@@ -35,6 +35,7 @@ import {
   isPrivateIpAsync,
   safeLookup,
   isLoopbackHost,
+  safeFetch,
 } from '../utils/fetch.js';
 import { debugLogger } from '../utils/debugLogger.js';
 
@@ -58,11 +59,6 @@ interface InternalGrpcExtensions {
   grpcChannelOptions: Record<string, unknown>;
 }
 
-// Local extension of RequestInit to support Node.js/undici dispatcher
-interface NodeFetchInit extends RequestInit {
-  dispatcher?: UndiciAgent;
-}
-
 // Remote agents can take 10+ minutes (e.g. Deep Research).
 // Use a dedicated dispatcher so the global 5-min timeout isn't affected.
 const A2A_TIMEOUT = 1800000; // 30 minutes
@@ -74,10 +70,8 @@ const a2aDispatcher = new UndiciAgent({
     lookup: safeLookup,
   },
 });
-const a2aFetch: typeof fetch = (input, init) => {
+const a2aFetch: typeof fetch = (input, init) =>
-  const nodeInit: NodeFetchInit = { ...init, dispatcher: a2aDispatcher };
+  safeFetch(input, { ...init, dispatcher: a2aDispatcher });
-  return fetch(input, nodeInit as RequestInit);
-};
 
 /**
  * Orchestrates communication with remote A2A agents.

packages/core/src/utils/fetch.ts

@@ -240,16 +240,16 @@ function handleFetchError(error: unknown, url: string): never {
  */
 export async function safeFetch(
   input: RequestInfo | URL,
-  init?: RequestInit,
+  init?: NodeFetchInit,
 ): Promise<Response> {
   const nodeInit: NodeFetchInit = {
-    ...init,
     dispatcher: safeDispatcher,
+    ...init,
   };
 
   try {
     // eslint-disable-next-line no-restricted-syntax
-    return await fetch(input, nodeInit);
+    return await fetch(input, nodeInit as RequestInit);
   } catch (error) {
     const url =
       input instanceof Request