v2.6.7

URL-fetching knowledge readers now take an allowed_hosts parameter, so a reader pulls only from hosts you trust and rejects everything else. This closes the same SSRF and data-exfiltration surface during knowledge ingestion that any link-following fetcher opens in production.

See cookbook for more reference.