fix: guard browser control fetches

extensions/browser/src/browser/client-fetch.ts

@@ -1,3 +1,4 @@
+import { fetchWithSsrFGuard } from "openclaw/plugin-sdk/ssrf-runtime";
 import { normalizeOptionalString } from "openclaw/plugin-sdk/text-runtime";
 import { normalizeLowercaseStringOrEmpty } from "openclaw/plugin-sdk/text-runtime";
 import { formatCliCommand } from "../cli/command-format.js";
@@ -183,8 +184,17 @@ async function fetchHttpJson<T>(
   }
 
   const t = setTimeout(() => ctrl.abort(new Error("timed out")), timeoutMs);
+  let release: (() => Promise<void>) | undefined;
   try {
-    const res = await fetch(url, { ...init, signal: ctrl.signal });
+    const guarded = await fetchWithSsrFGuard({
+      url,
+      init,
+      signal: ctrl.signal,
+      policy: { allowPrivateNetwork: true },
+      auditContext: "browser-control-client",
+    });
+    release = guarded.release;
+    const res = guarded.response;
     if (!res.ok) {
       if (isRateLimitStatus(res.status)) {
         // Do not reflect upstream response text into the error surface (log/agent injection risk)
@@ -199,6 +209,7 @@ async function fetchHttpJson<T>(
     return (await res.json()) as T;
   } finally {
     clearTimeout(t);
+    await release?.();
     if (upstreamSignal && upstreamAbortListener) {
       upstreamSignal.removeEventListener("abort", upstreamAbortListener);
     }