fix(tools): apply SSRF guard to Firecrawl fallback fetch path #21669

Closed
AI-Reviewer-QS wants to merge 3 commits into openclaw:main from AI-Reviewer-QS:fix/firecrawl-ssrf-guard

@AI-Reviewer-QS AI-Reviewer-QS commented Feb 20, 2026

Summary

  • Replace plain fetch() in fetchFirecrawlContent with fetchWithSsrFGuard to validate the Firecrawl endpoint URL against the same SSRF policy
  • Properly release the guarded fetch dispatcher via try/finally after the Firecrawl request completes
  • Remove unused withTimeout import that was previously used by the plain fetch call

Test plan

  • Linting passes with no errors
  • Manual: verify Firecrawl fallback still works with valid public endpoint URLs
  • Manual: verify SSRF-blocked Firecrawl endpoint URLs (e.g., pointing to internal IPs) are rejected

Greptile Summary

Adds SSRF protection to the Firecrawl fallback fetch path by replacing plain fetch() with fetchWithSsrFGuard(), ensuring the Firecrawl endpoint URL is validated against the same SSRF policy used for direct web fetches.

  • Replaced plain fetch() call with fetchWithSsrFGuard() wrapper that validates the endpoint URL
  • Added proper resource cleanup via try/finally block to release the guarded dispatcher
  • Removed unused withTimeout import (timeout now handled by fetchWithSsrFGuard)
  • Follows the same pattern already established in the performDirectFetch function within this file

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk
  • The change is a straightforward security improvement that follows existing patterns in the codebase. The implementation correctly handles SSRF protection, error handling, and resource cleanup. The removed import was genuinely unused.
  • No files require special attention

Last reviewed commit: f25fbed

The Firecrawl fallback in web-fetch used plain fetch() without SSRF
protection, allowing bypass of the SSRF guard when the primary fetch
failed with a non-SSRF error. Replace the plain fetch with
fetchWithSsrFGuard to validate the Firecrawl endpoint URL against the
same SSRF policy before making the request.

Co-Authored-By: AI-Reviewer-QS <qs-ai-reviewer@quantstamp.com>

openclaw-barnacle bot added the labels agents (Agent runtime and tooling) and size: S on Feb 20, 2026

@HenryLoenwind (Contributor) commented

This scrutinises the user-configured URL, not just the redirects from the firecrawl server, and has no policy set. In effect, it prevents the user from setting up their own firecrawl-compatible server or secure tunnel as it blocks all access to local installations.

Set a policy that limits requests to stay within the same authority domain (intranet or internet) based on the configured URL.

(Note: This also requires a configuration option to define what the local intranet encompasses, which is required for so many other checks, too, that rely on hardcoded IP ranges at the moment.)

@AI-Reviewer-QS (Contributor, Author) commented

Closing based on reviewer feedback. The current implementation blocks legitimate local Firecrawl installations and self-hosted setups. A proper fix would need a policy-based approach rather than blanket blocking of local addresses.
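
The same-zone policy proposed in the review above (the configured endpoint decides whether the request is an intranet or internet one, and redirects may not cross that boundary), as an added example that is not part of this PR or of openclaw's code. All function names and the default CIDR list are assumptions, and hosts are assumed to be IPv4 literals that have already been resolved.

```javascript
// Added illustration: every name below is hypothetical, not openclaw's API.
// Assumption: hosts are IPv4 literals (a real guard resolves DNS first and
// connects to the address it checked). Hostnames and IPv6 are rejected here.

// Constructed default; the review asks for this list to be configurable.
const DEFAULT_INTRANET_CIDRS = [
  "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16",
];

// Dotted-quad IPv4 -> unsigned 32-bit integer, or null if not a valid literal.
function ipv4ToInt(ip) {
  const parts = ip.split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// True when ipInt falls inside cidr ("a.b.c.d/bits"); malformed CIDRs never match.
function inCidr(ipInt, cidr) {
  const [base, bits] = cidr.split("/");
  const baseInt = ipv4ToInt(base);
  if (baseInt === null) return false;
  const size = 2 ** (32 - Number(bits));
  return Math.floor(ipInt / size) === Math.floor(baseInt / size);
}

// Returns "intranet", "internet", or null (unparseable: always rejected).
function zoneOf(urlString, intranetCidrs) {
  let host;
  try { host = new URL(urlString).hostname; } catch { return null; }
  const ipInt = ipv4ToInt(host); // URL parsing canonicalises forms like http://2130706433/
  if (ipInt === null) return null;
  return intranetCidrs.some((c) => inCidr(ipInt, c)) ? "intranet" : "internet";
}

// The user-configured endpoint fixes the zone; every redirect hop must stay in it.
function checkFetchChain(configuredUrl, hops, intranetCidrs = DEFAULT_INTRANET_CIDRS) {
  const zone = zoneOf(configuredUrl, intranetCidrs);
  if (zone === null) return { ok: false, reason: "configured endpoint not classifiable" };
  for (const hop of hops) {
    if (zoneOf(hop, intranetCidrs) !== zone) {
      return { ok: false, reason: `redirect leaves ${zone} zone: ${hop}` };
    }
  }
  return { ok: true, zone };
}
```

Treating every private range as one zone still lets an intranet endpoint redirect to any other intranet address, so a deployment may want a narrower configured list than the constructed default.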
