Notion
Pass
Audited by ClawScan on May 7, 2026.
Overview
This appears to be a normal Notion integration, but it requires a Maton API key/OAuth connection and can access, route, and—after confirmation—change Notion workspace data.
Before installing, make sure you trust Maton as a broker for your Notion content. Grant the smallest practical Notion access, specify the intended connection when you have multiple workspaces, and approve writes or deletes only after checking the exact target resource.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and authorizing this skill can let the agent access Notion workspace content and, with confirmation, modify or delete Notion resources.
The skill uses delegated Notion OAuth access and can read and mutate workspace resources. This is expected for the stated purpose and is disclosed, but it grants meaningful account authority.
Access the Notion API with managed OAuth authentication. Query databases, search pages, and read workspace content. All write operations (creating, updating, or deleting pages, blocks, and databases) require explicit user confirmation
Authorize only the intended Notion workspace/pages, use the intended connection ID, review all write/delete requests carefully, and revoke the connection when no longer needed.
A mistaken or insufficiently reviewed API call could create, update, or delete the wrong Notion page, block, or database.
The skill exposes a broad native Notion API path including write methods. The artifact includes an explicit confirmation boundary, so this is purpose-aligned but still worth user attention.
https://api.maton.ai/notion/{native-api-path} ... Write operations (POST, PATCH, DELETE) must only be executed after the user confirms the target page/database ID and intended connection.
Use read-only/search actions by default, and require explicit confirmation of the exact page/database ID, operation, and connection before any write.
Notion queries and returned workspace content may be processed through Maton's service rather than going directly from the agent to Notion.
Notion requests and responses pass through Maton's API gateway, and Maton handles OAuth token injection. This is disclosed and central to managed OAuth, but it is an external data boundary.
Maton proxies requests to `api.notion.com` and automatically injects your OAuth token.
Install only if you trust Maton to broker Notion access, and avoid granting access to highly sensitive Notion content unless necessary.
If you install the optional CLI, you are trusting software outside this instruction-only skill package.
The skill documents optional global CLI installation from external package managers. There is no automatic install spec or bundled code to review here, so this is a user-directed setup note rather than a concern.
npm install -g @maton-ai/cli ... brew install maton-ai/cli/maton
Verify the Maton CLI package/source before installing, or use the documented direct API/Python approach if you do not need the CLI.
