
Developed and delivered a security-focused feature for the openclaw/openclaw repository, implementing Server-Side Request Forgery (SSRF) protection for Microsoft Teams attachment downloads. The solution introduced a safeFetch wrapper in Node.js and TypeScript, which validates redirect hops against an allowlist and performs DNS and IP checks to prevent unauthorized access to private or internal hosts. This approach was applied comprehensively across all relevant download flows, including authentication retries and SharePoint redirects, ensuring consistent enforcement of security measures. The work demonstrated a strong focus on backend development and network security, addressing a critical vulnerability and enhancing the repository’s overall security posture.
February 2026 — Security-focused feature delivery for openclaw/openclaw: Added SSRF protection for Microsoft Teams attachment downloads by introducing a safeFetch wrapper with allowlist-based redirect validation and DNS/IP checks, covering all download flows (auth retries, SharePoint redirects).
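An added example, not code from the openclaw/openclaw repository, of a wrapper that re-validates every redirect hop against an allowlist and DNS/IP checks as described above. The allowlist suffixes, the https-only rule, the injected `fetchImpl` and `lookup` parameters and all function names are assumptions made for illustration.

```javascript
// Added example; the allowlist, https-only rule and all names are assumptions,
// not taken from the openclaw/openclaw code base.
const ALLOWED_SUFFIXES = ["sharepoint.com", "teams.microsoft.com"];

// True for loopback, RFC 1918, link-local, CGNAT, unspecified and IPv6 local ranges.
function isPrivateIp(ip) {
  let addr = ip.toLowerCase();
  const mapped = addr.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
  if (mapped) addr = mapped[1]; // IPv4-mapped IPv6: check the embedded IPv4
  if (addr.includes(":")) {
    return addr === "::" || addr === "::1" || addr.startsWith("::ffff:") ||
      /^f[cd]/.test(addr) || /^fe[89ab]/.test(addr); // fc00::/7 and fe80::/10
  }
  if (!/^\d+\.\d+\.\d+\.\d+$/.test(addr)) return true; // unparseable: fail closed
  const [a, b] = addr.split(".").map(Number);
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168) ||
    (a === 100 && b >= 64 && b <= 127);
}

// Validate one hop: https only, host on the allowlist, every resolved address public.
function checkHop(url, addresses) {
  const u = new URL(url);
  const host = u.hostname.toLowerCase();
  if (u.protocol !== "https:") return "blocked: scheme";
  const allowed = ALLOWED_SUFFIXES.some((s) => host === s || host.endsWith("." + s));
  if (!allowed) return "blocked: host not allowlisted";
  if (addresses.length === 0 || addresses.some(isPrivateIp)) return "blocked: private address";
  return "ok";
}

// Follow redirects manually so each hop is validated before it is requested.
// fetchImpl(url, opts) and lookup(hostname) -> string[] are injected by the caller.
async function safeFetch(url, { fetchImpl, lookup, maxHops = 5 }) {
  for (let hop = 0; hop <= maxHops; hop++) {
    const verdict = checkHop(url, await lookup(new URL(url).hostname));
    if (verdict !== "ok") throw new Error(`${verdict} (${url})`);
    const res = await fetchImpl(url, { redirect: "manual" });
    const location = res.status >= 300 && res.status < 400 && res.headers.get("location");
    if (!location) return res;
    url = new URL(location, url).href; // resolve relative Location headers
  }
  throw new Error("blocked: too many redirects");
}
```

Because the name is resolved for the check and again for the connection, a production wrapper also needs to connect to the address it validated, otherwise a DNS answer that changes between the two lookups bypasses the IP check.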
