Fetch Context

If agent has contextUrl, runtime endpoint proxies to that URL.

Security behavior

• URL validated via validateExternalUrl
• URL revalidated before fetch (revalidateExternalUrl)
• Redirect responses are rejected
• Optional shared auth header: ROOAAK_CONTEXT_TOKEN

If no contextUrl, returns default empty object:

{ "user": null, "integrations": {}, "blocks": {} }