fix(security): block SSRF via custom AI model URL

Apply security.ValidateURL() to custom_api_url in PUT /api/models before
storing — blocks private IPs, cloud metadata endpoints, and localhost.
Replace plain http.Client in mcp/config.go with security.SafeHTTPClient()
for defense-in-depth (DialContext blocks private IPs, CheckRedirect
validates targets). Add SSRF warning to WithHTTPClient() docs.

mcp/config.go

@@ -7,6 +7,7 @@ import (
 	"time"
 
 	"nofx/logger"
+	"nofx/security"
 )
 
 // Config client configuration (centralized management of all configurations)
@@ -48,7 +49,7 @@ func DefaultConfig() *Config {
 
 		// Default dependencies (use global logger)
 		Logger:     logger.NewMCPLogger(),
-		HTTPClient: &http.Client{Timeout: DefaultTimeout},
+		HTTPClient: security.SafeHTTPClient(DefaultTimeout),
 	}
 }
 

mcp/options.go

@@ -22,7 +22,11 @@ func WithLogger(logger Logger) ClientOption {
 	}
 }
 
-// WithHTTPClient sets custom HTTP client
+// WithHTTPClient sets custom HTTP client.
+//
+// WARNING: The default client uses security.SafeHTTPClient() with SSRF protection
+// (blocks private IPs, cloud metadata, validates redirects). Overriding it bypasses
+// these protections. Only use in tests or with a client providing equivalent safeguards.
 //
 // Usage example:
 //   httpClient := &http.Client{Timeout: 60 * time.Second}