mmk-paymint-notion-invoice

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly queries and ingests user-generated Notion database content via the mmk notion database schema/query steps (Steps 1–2) and uses those fields (phone, message, status mapping, etc.) to decide, compose, and send invoices and to drive write-back actions, so untrusted third‑party content from Notion can materially influence tool use and behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to create and send payment invoices via the Paymint service: it calls mmk-paymint bulk-send and mmk-paymint send, requires a Paymint license/business-number, sends real invoices with payment links via SMS, receives bill_id/result codes/shortURL, and updates Notion with transaction IDs and status. This is a specific payment-gateway integration (not a generic API caller or browser automation), so it grants direct financial execution capability.