axiom-push-notifications

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly shows a Notification Service Extension pattern that downloads an arbitrary imageURL from the push payload via URLSession (Service Extension — Media Enrichment) and also documents acting on custom data/deepLink in notification userInfo, meaning untrusted third‑party URLs/data from push payloads are fetched and interpreted to drive attachments and navigation.