ClawHub

Notion 1.0.0

Notion API for creating and managing pages, databases, and blocks.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 396 · 18 current installs · 24 all-time installs
by@7revor
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (Notion API client) matches the provided curl examples and operations. However, the metadata declares no required credentials while the instructions clearly require a Notion API key stored at ~/.config/notion/api_key. This mismatch is likely an oversight but is inconsistent.
!
Instruction Scope
SKILL.md instructs the agent/user to create a file in ~/.config/notion and to read that file (NOTION_KEY=$(cat ~/.config/notion/api_key)). The instructions therefore access local filesystem state not declared in metadata and also instruct writing a plaintext secret file without guidance on secure file permissions. Other than the secret file and API calls to api.notion.com, instructions stay within expected Notion usage.
Install Mechanism
No install spec and no bundled code — instruction-only skill — so nothing is written to disk by the platform installer beyond the agent following the prose. This is lowest-risk from an install perspective.
!
Credentials
The skill requires a Notion API key in practice but declares no primary credential or required env vars. The SKILL.md uses a local file containing the secret instead of declaring a secret env var or platform-managed credential. That omission reduces transparency about what credentials will be accessed and how.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. Its only persistent action implied is instructing the user to create a local config file for the API key, which is normal for API clients.
What to consider before installing
This skill is basically a curl-based Notion API recipe and likely safe in intent, but there are a few inconsistencies you should consider before installing: (1) the metadata declares no required credentials while the SKILL.md tells you to create ~/.config/notion/api_key and the agent will read it — confirm you are comfortable storing a Notion key in that file and consider using a platform secret store or environment variable instead; (2) the instructions write a plaintext key file without advising secure file permissions (use chmod 600 or a secrets manager); (3) the package metadata ownerId in _meta.json does not match the registry owner ID — verify the publisher/source (homepage is Notion's docs but source is unknown); (4) because this is instruction-only with no code, the agent will execute only the commands in SKILL.md if invoked, but the missing credential declaration reduces transparency. If you proceed, verify the integration's scopes in Notion and restrict the API key to only the pages/databases you share with it.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97ctw63cabe8br8k80s1x9rz181ve3x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📝 Clawdis

SKILL.md

notion

Use the Notion API to create/read/update pages, data sources (databases), and blocks.

Setup

  1. Create an integration at https://notion.so/my-integrations
  2. Copy the API key (starts with ntn_ or secret_)
  3. Store it:
mkdir -p ~/.config/notion
echo "ntn_your_key_here" > ~/.config/notion/api_key
  1. Share target pages/databases with your integration (click "..." → "Connect to" → your integration name)

API Basics

All requests need:

NOTION_KEY=$(cat ~/.config/notion/api_key)
curl -X GET "https://api.notion.com/v1/..." \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json"

Note: The Notion-Version header is required. This skill uses 2025-09-03 (latest). In this version, databases are called "data sources" in the API.

Common Operations

Search for pages and data sources:

curl -X POST "https://api.notion.com/v1/search" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{"query": "page title"}'

Get page:

curl "https://api.notion.com/v1/pages/{page_id}" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03"

Get page content (blocks):

curl "https://api.notion.com/v1/blocks/{page_id}/children" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03"

Create page in a data source:

curl -X POST "https://api.notion.com/v1/pages" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "parent": {"database_id": "xxx"},
    "properties": {
      "Name": {"title": [{"text": {"content": "New Item"}}]},
      "Status": {"select": {"name": "Todo"}}
    }
  }'

Query a data source (database):

curl -X POST "https://api.notion.com/v1/data_sources/{data_source_id}/query" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "filter": {"property": "Status", "select": {"equals": "Active"}},
    "sorts": [{"property": "Date", "direction": "descending"}]
  }'

Create a data source (database):

curl -X POST "https://api.notion.com/v1/data_sources" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "parent": {"page_id": "xxx"},
    "title": [{"text": {"content": "My Database"}}],
    "properties": {
      "Name": {"title": {}},
      "Status": {"select": {"options": [{"name": "Todo"}, {"name": "Done"}]}},
      "Date": {"date": {}}
    }
  }'

Update page properties:

curl -X PATCH "https://api.notion.com/v1/pages/{page_id}" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{"properties": {"Status": {"select": {"name": "Done"}}}}'

Add blocks to page:

curl -X PATCH "https://api.notion.com/v1/blocks/{page_id}/children" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "children": [
      {"object": "block", "type": "paragraph", "paragraph": {"rich_text": [{"text": {"content": "Hello"}}]}}
    ]
  }'

Property Types

Common property formats for database items:

  • Title: {"title": [{"text": {"content": "..."}}]}
  • Rich text: {"rich_text": [{"text": {"content": "..."}}]}
  • Select: {"select": {"name": "Option"}}
  • Multi-select: {"multi_select": [{"name": "A"}, {"name": "B"}]}
  • Date: {"date": {"start": "2024-01-15", "end": "2024-01-16"}}
  • Checkbox: {"checkbox": true}
  • Number: {"number": 42}
  • URL: {"url": "https://..."}
  • Email: {"email": "a@b.com"}
  • Relation: {"relation": [{"id": "page_id"}]}

Key Differences in 2025-09-03

  • Databases → Data Sources: Use /data_sources/ endpoints for queries and retrieval
  • Two IDs: Each database now has both a database_id and a data_source_id
    • Use database_id when creating pages (parent: {"database_id": "..."})
    • Use data_source_id when querying (POST /v1/data_sources/{id}/query)
  • Search results: Databases return as "object": "data_source" with their data_source_id
  • Parent in responses: Pages show parent.data_source_id alongside parent.database_id
  • Finding the data_source_id: Search for the database, or call GET /v1/data_sources/{data_source_id}

Notes

  • Page/database IDs are UUIDs (with or without dashes)
  • The API cannot set database view filters — that's UI-only
  • Rate limit: ~3 requests/second average
  • Use is_inline: true when creating data sources to embed them in pages

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…