ssrf_safe_async_client(
policy: SSRFPolicy = DEFAULT_SSRF_POLICY,
**kwargs: object = {}
) ->Create an httpx.AsyncClient with SSRF protection.
Drop-in replacement for httpx.AsyncClient(...) - callers just swap
the constructor call. Transport-specific kwargs (verify, cert,
retries, etc.) are forwarded to the inner AsyncHTTPTransport;
everything else goes to the AsyncClient.