push-notification-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly handles incoming Firebase Cloud Messaging and remote notification payloads (see the Firebase onMessage/setBackgroundMessageHandler and platform RemoteMessage/UNUserNotificationCenter code in SKILL.md), which are untrusted third-party messages that the agent/app reads and acts on (displaying notifications, deep links), so they could carry indirect prompt-injection instructions.