capacitor-push-notifications

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's runtime code consumes and acts on untrusted notification payloads—e.g., the iOS NotificationService downloads an image from request.content.userInfo["image"] (an arbitrary URL) and the push handlers read/interpret notification.data to show in-app notifications or navigate—so it clearly fetches and processes third-party content from external/untrusted sources.