docs: Clarify client-specific action types in README and safety notes

Author: laurentftech

README.md

@@ -196,12 +196,11 @@ Here’s a summary of how actions are handled:
 | applescript | ❌             | ✅ Supported (extension) | 🟡 Planned (user-triggered only)                           |
 | shortcut    | ❌             | ✅ Supported (extension) | 🟡 Planned (user-triggered only)                           |
 
-> Some action types (`AppleScript` and `Shortcut`) are client-specific > payload extensions implemented by ntfy-macos.
-> They are not part of the ntfy protocol and will ignored by other ntfy clients.
 
 > `script` actions are blocked from the payload to prevent arbitrary code execution.  
 > `AppleScript` and `Shortcut` actions are sandboxed and considered safe to run, **but should only be used with a private ntfy server you fully control**.
 
+**Note:** `applescript` and `shortcut` are **ntfy-macos client-specific actions**. Only `view`, `http`, `broadcast`, and `dismiss` are part of the official ntfy protocol. Planned config.yml actions will be user-triggered only; payload execution remains limited to supported types.
 
 ## CLI Commands