#10394: feat(mattermost): add image attachment support for inbound messages

## Summary Adds support for receiving and processing image attachments in Mattermost messages, allowing the AI to see and analyze images sent by users. ## Changes - Add `buildMattermostImageContents()` function to convert downloaded images to base64 format - Pass images to LLM context via `replyOptions.images` - Enable `ssrfPolicy.allowPrivateNetwork` for local/self-hosted Mattermost servers ## Why? Previously, when users sent images via Mattermost, they were downloaded but never passed to the AI context. This change completes the image pipeline. The SSRF policy change is necessary because many Mattermost deployments are self-hosted on localhost/127.0.0.1, and the default SSRF protection blocks these addresses. ## Testing Tested with self-hosted Mattermost on localhost:8065. Images are now successfully: 1. Downloaded from Mattermost API 2. Converted to base64 3. Passed to the AI, which can describe the image contents ## Related This brings Mattermost image support in line with other channels like Telegram that already support inbound images. <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> - Adds inbound Mattermost image handling by reading downloaded image media from disk, base64-encoding it, and attaching it to `replyOptions.images` for the LLM. - Extends Mattermost media download flow to pass an `ssrfPolicy` that allows private network addresses. - Keeps existing attachment placeholder/media payload behavior, but now also supplies image blocks to the reply dispatch pipeline. <h3>Confidence Score: 3/5</h3> - This PR is reasonably close, but it weakens SSRF protections and can attach oversized base64 images without bounding, which should be addressed before merge. - The feature is straightforward and uses existing media download/save plumbing, but the unconditional `allowPrivateNetwork` flag changes the security posture for all Mattermost deployments, and the image-to-base64 path lacks size/sanitization guarantees that the rest of the image pipeline relies on. - extensions/mattermost/src/mattermost/monitor.ts <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->