Notion 1.0.0
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill should understand that the token can allow reading or changing Notion workspace content that the integration can access.
The skill expects a Notion integration token to be stored locally and later used as a bearer token. This is purpose-aligned, but it gives the agent access to Notion pages/databases shared with that integration.
Copy the API key (starts with `ntn_` or `secret_`) ... echo "ntn_your_key_here" > ~/.config/notion/api_key
Create a dedicated Notion integration, share only the specific pages or databases needed, protect the local key file, and rotate the token if it may have been exposed.
An agent using these instructions could create or update Notion pages, databases, and blocks if given the token and target IDs.
The skill documents Notion API write operations using curl. These operations are central to the stated purpose, but incorrect targets or content could modify the user's Notion workspace.
Create page in a data source ... Create a data source (database) ... Update page properties ... Add blocks to page
Confirm target page/database IDs and proposed content before write operations, especially in shared or business workspaces.
Users have less assurance that the package metadata and registry listing identify the same publisher context.
The packaged metadata differs from the registry metadata shown for owner and slug, and the source is listed as unknown. This is a provenance inconsistency rather than evidence of malicious behavior.
"ownerId": "kn70pywhg0fyz996kpa8xj89s57yhv26", "slug": "notion"
Verify the publisher and skill provenance before using it with a real Notion API token.