Is this considered to be a flaw into the ravencore wallet?

So a few of you might have received the “scam coin”, which I guess someone was sending around as a joke.

I noticed that if you click the asset, it opens a link in your browser.

If I was a bad actor, I could send fake assets to random addresses which opens a phishing link after being clicked. Is this a security flaw & if it’s not why?