This code is vulnerable to intent injection attacks because it starts a new
activity from a user-provided intent without prior validation.