GSSA-2026-05-A5DE8W | 2026-05-04 | 6.4 Medium
SSRF in outbound project webhook delivery
A project admin could register an outbound webhook URL that resolved to internal addresses (cloud metadata, loopback, RFC1918), and the response body was persisted and exposed in the project settings UI. Fixed by validating URLs against a private-address blocklist before each delivery.
A project admin could register an outbound webhook URL pointing at internal addresses; the bot would fetch it and store the response body. Fixed in 0.0.1.
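One way to implement the per-delivery blocklist check the fix describes, as an added example rather than the project's own code. The function names, the fake DNS table and the hostnames in it are assumptions for illustration; the blocklist itself is built from Python's `ipaddress` range classification, so loopback, RFC1918, link-local (where 169.254.169.254 lives), CGNAT, documentation and IPv6-mapped addresses are all rejected without hand-written ranges.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


class WebhookURLError(ValueError):
    """Raised when a webhook URL must not be delivered to."""


def is_disallowed_address(ip_text):
    """Return True for addresses a webhook must never reach: loopback,
    RFC1918, link-local (the cloud metadata endpoint 169.254.169.254 is
    here), CGNAT, multicast, unspecified and other non-global ranges.
    IPv4-mapped IPv6 (::ffff:10.0.0.1) is unwrapped first so it cannot
    smuggle an IPv4 address past the IPv4 rules."""
    addr = ipaddress.ip_address(ip_text)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return (not addr.is_global) or addr.is_multicast


def system_resolver(host):
    """Resolve a hostname to every A/AAAA address the OS returns."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def validate_webhook_url(url, resolve=system_resolver):
    """Validate a webhook target and return the vetted IP addresses.

    Every resolved address must pass the blocklist: a name that resolves
    to one public and one private address is rejected, because the
    attacker controls which one the HTTP client ends up using. Call this
    immediately before each delivery, not only at registration, since the
    attacker also controls the DNS record and can change it later. The
    delivery code should then connect to one of the returned addresses
    (still sending the original Host header) instead of re-resolving,
    which closes the remaining check-then-connect window.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise WebhookURLError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname  # lowercased, IPv6 brackets already stripped
    if not host:
        raise WebhookURLError("URL has no host")

    # An IP literal needs no DNS lookup; check it directly.
    try:
        ipaddress.ip_address(host)
        addresses = [host]
    except ValueError:
        addresses = resolve(host)
    if not addresses:
        raise WebhookURLError(f"{host!r} did not resolve")

    for ip_text in addresses:
        if is_disallowed_address(ip_text):
            raise WebhookURLError(
                f"{host!r} resolves to disallowed address {ip_text}")
    return addresses


# Constructed DNS table so the example runs offline (hypothetical names).
FAKE_DNS = {
    "hooks.example.com": ["93.184.216.34"],
    "metadata.example.com": ["169.254.169.254"],
    "rebind.example.com": ["93.184.216.34", "10.0.0.5"],
}


def fake_resolver(host):
    return FAKE_DNS.get(host, [])


def check(url):
    """Return the vetted addresses, or the rejection reason as a string."""
    try:
        return validate_webhook_url(url, resolve=fake_resolver)
    except WebhookURLError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    for u in (
        "https://hooks.example.com/notify",
        "http://127.0.0.1:8080/admin",
        "http://[::ffff:10.0.0.1]/",
        "http://metadata.example.com/latest/meta-data/",
        "http://rebind.example.com/",
        "file:///etc/passwd",
    ):
        print(u, "->", check(u))
```

The check deliberately runs on resolved addresses, not on the URL string: shorthand forms such as a decimal or octal IPv4 literal are normalised by the resolver, so string-matching `127.0.0.1` in the URL would miss them. Note that `is_global` also rejects the documentation ranges (192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24), which is why the constructed table uses a routable address for the allowed host. The advisory's second problem, persisting and displaying the response body, is independent of the address check; a webhook sender has no need to store the response beyond its status code.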