chore(deps): Update ag2[mcp,openai] requirement from >=0.12.3 to >=0.13.2 in /a2a/slack_researcher

[dependabot]

Updates the requirements on ag2[mcp,openai] to permit the latest version.

Release notes

Sourced from ag2[mcp,openai]'s releases.

v0.13.2

Highlights

🛣️ Continuing the Path to v1.0

v0.13.2 brings Agent Evaluations in Beta! Also, two new V2 LLM clients in Classic, and a security fix.

📍 Release Roadmap

---

🔬 Beta Framework (autogen.beta)

Agent Evaluations

• 🧪 Agent Evaluations – New evaluation framework for grading agent outputs (autogen.beta.eval). 🎮 Try it live in the AG2 Playground 📔 Docs: Evaluation

Other Beta Updates

• 📁 xAI File API – Implemented file API support in the Beta xAI provider.
• 🔧 OpenAI Config Cleanup – Omit empty parameters in Beta OpenAI configs.

⚙️ Classic Framework

New V2 LLM Clients

• 🤖 Anthropic V2 Client – Next-generation Anthropic client using the UnifiedResponse architecture.
• ☁️ Bedrock V2 Client – Next-generation AWS Bedrock client returning UnifiedResponse with provider, model, text, usage, and cost.

🔐 Security

• 🛡️ Context Expression — Code Injection Fix (GHSA-9fvw-gr53-m7fw) – ContextExpression now escapes string values before eval to prevent code injection. All users on prior versions should upgrade.
• 🐚 Shell Operators Blocked in Readonly Mode – Block shell operators when running in readonly / allowed-command mode.

LLM & Tooling Fixes

• 🔧 tool_call Simulation – Fixed tool_call simulation in agent messages.
• 🔧 Double-Registration Guard – Avoid double-registering pre-registered tools in run().
• 🔧 DeepResearchAgent None Summary – Fixed DeepResearchAgent returning None summary.
• 🔧 RunCompletionEvent Summary – Coerce chat summary to str.

Integrations

• 🔌 LlamaIndex 0.13 – Support workflow-based agents introduced in llama-index 0.13.
• 🔌 MCP StdioConfig – Pass working_dir to StdioServerParameters.

Windows / UTF-8 Encoding

... (truncated)

Commits

• 7b01285 Version bump to 0.13.2 (#2917)
• 99e4797 fix(llamaindex): support workflow-based agents introduced in llama-index 0.13...
• c654f64 fix(context-expression): escape string values before eval to prevent code inj...
• fc08465 fix(llm_config): pin config_list_from_json file reads to UTF-8 (#2909)
• 217a43f fix: block shell operators in readonly/allowed-command mode (#2689)
• 32eacc3 fix(beta): stop shipping beta extensions as pyproject extras (#2916)
• a81a366 feat(beta/eval): add threshold() scorer + agent_judge(threshold=) for pass/fa...
• 4aa64c6 fix(beta): make opentelemetry optional for eval and install tracing in beta-l...
• c9b9e05 Add TinyFish search and fetch tools (#2820)
• 222bab0 fix: DeepResearchAgent returning None summary (#1770) (#2744)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)