Include error message in pipeline output when source_info is missing

[ashsong-nv]

Currently there is no validation on whether the input message contains source info. When there is no source info, the agent is only able to use the internet search tool, which severely degrades the output. There are no warnings about the degraded output in the output JSON or markdown report, which can cause confusion and misleading accuracy results.

We should handle missing source info with one of the following options:

1. Add pydantic validation and return an error upfront so the message is skipped altogether
2. Continue to collect intel, and run the VulnerableDependencyChecker, but skip agent processing and include a warning message in the output
3. Run full pipeline with agent, but include a warning message in the output

Optionally, make this a user configurable option.

[ashsong-nv]

One benefit of option 2 is that some users might find it valuable to still have the intel gathering and SBOM checking functionality. Needs product decision/prioritization.

[ashsong-nv]

We recently merged #76 that adds error handling for git clone failures and allows the pipeline to proceed. This can also result in the same issue as above.

Solution 1 with Pydantic validation won't address this case, so solution 2 seems most promising to cover both cases.