push-notifications

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Notification Service Extension and rich-notification code explicitly download and attach media from arbitrary URLs provided in notification payloads (e.g., media_url and image_url in NotificationService.downloadAttachment/attachImage and the rich notification handling), so it fetches and processes untrusted third‑party content at runtime.