"ServiceExtension varies from different versions, do you really want to open it?" paraphrased popup in the morning.

This morning on Sonoma Version 14.1 (23B74) I did see a popup message about ServiceExtension being different than its prior versions and asking whether I really would like to proceed with opening it. I denied and I am now worried about security and implications. The M1 Air was in my own WPA3 Nest WiFi and was idling/standby over night with Bluetooth not turned off and no devices connected other than a direct to socket USB-C charger from Dell I've had for years. Everything was in my home and no one else had access.

iPad stayed next to it ready to be used as second screen.

I monitor the network and have not received alerts on unknown devices attempting to access.

My Nest Wifi has seen weird outages of everything or just individual Mesh AP's in the past.

My Chinese cleaning robot runs somewhat isolated in a guest network.

I have been accessing some government run websites which require profiles, certificates yesterday.

14.1.1 seems to have been released during the night to which I have not updated yet.

What might be the origin of this message?

What is the nature of ServicesExtension?

What did denying imply?

What would opening have risked?

Should I investigate it further?

I am taking security serious and have to.

I do use Setapp on this Mac. That could be relevant as it did some rather deep and weird stuff leading to issues a couple of OS versions back. I also have CleanMyMac on the machine, of which I make very reduced and relatively savvy use only for very specific tasks with all automation and backup stuff turned off, understanding that it is a mostly unnecessary and risky app.