Arbitrary file write triggered by deeplink abuse - MetaMask Android
Team Summary
Official summary from MetaMask
@renekroka and @hackerontwowheels from the [UGWST](https://ugwst.com/) team have found a vulnerability in the MetaMask Android app that allows for arbitrary files to be written to disk. The team demonstrated how attackers can deeplink into MetaMask's in-app browser and trigger the immediate download of an attacker-supplied file. Due to a lack of confirmation prompts, users are not made aware that a download has occurred until after the payload has been downloaded. The MetaMask team would like to once again thank @renekroka and @hackerontwowheels for their excellent find, and for helping make MetaMask more secure.
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Business Logic Errors