fix(security): Add secretToken to mediator commands
Description
This MR ports the changes over from the security branch security-0.0.1-dev-20230713160749
.
Original description
- This prevents XSS by using a runtime generated secret token to communicate with the mediator
- It does not solve the problem that mediator commands are available to other extensions. That will be solves in this issue.