Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Vibe Notionbot

v1.5.0

Interact with Notion workspaces using official API - manage pages, databases, blocks, users, and comments

by Jeon Suyeol (@devxoul)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match the instructions: it is a CLI wrapper for the official Notion API and exposes many Notion operations. Requiring a CLI binary (vibe-notionbot) and offering page/database/block commands is coherent with the purpose.
Instruction Scope (flagged)
The SKILL.md instructs the agent to use the vibe-notionbot CLI at runtime, describes reading local files (e.g., --markdown-file, auto-uploading local images), and authenticates with an integration token supplied via NOTION_TOKEN. The skill also forbids calling the Notion API directly and forbids writing scripts; these are policy-like constraints that limit alternatives but are not themselves harmful. Crucially, the runtime instructions depend on an environment variable (NOTION_TOKEN) and on local files, yet the skill metadata declares neither the env var nor any required config paths, so what the instructions expect and what the metadata promises do not match.
Install Mechanism
The install spec is a Node (npm) package, 'vibe-notion', which installs the 'vibe-notionbot' binary. Installing an npm package is a normal way to ship a CLI, but the skill metadata has no source or homepage, and the registry metadata lists 'Source: unknown' with no homepage. The missing provenance raises risk because the package contents and repository cannot be reviewed from the skill metadata alone, and because the package name differs from the binary name, a look-alike package would be easy to overlook.
Credentials (flagged)
According to SKILL.md the tool needs an integration token (NOTION_TOKEN) to operate, but requires.env is empty and no primaryEnv is declared. The skill will need this secret to function yet does not declare it. Requesting a Notion integration token would be proportionate to the stated purpose; the omission reduces transparency and could hide required privileges.
Persistence & Privilege
The skill does not request always:true, does not require system config paths, and is user-invocable only. No unusual persistence or elevated platform privileges are requested.
What to consider before installing
This skill is plausibly a normal Notion CLI, but there are unresolved red flags to address before installing it or granting it access:

1) The runtime docs require NOTION_TOKEN (a Notion integration secret) but the skill metadata does not declare it. Expect to provide that token, and grant the integration only the minimum scopes it needs.

2) The npm package has no provenance (no source or homepage). Before installing, look up 'vibe-notion' on the npm registry, check its maintainers and repository URL, read the README, and inspect the package contents (package.json, install scripts, postinstall hooks) locally or in a sandbox.

3) Be careful with local files: the CLI can upload local markdown and images to Notion. Do not pass it sensitive files.

4) Prefer a controlled environment (container or VM) for a first run, and audit the vibe-notionbot binary that gets installed.

5) If you cannot find a reputable upstream repository or package author, treat the package as untrusted and do not give it your NOTION_TOKEN.
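As an added example (not code from the ClawHub page, its scanner, or the vibe-notion package), the following Python script automates two of the checks above: it flags install-time lifecycle scripts, missing provenance and a bin/package name mismatch in a parsed package.json, and it compares the secret-looking environment variables a SKILL.md relies on against those the skill metadata declares. The manifest, SKILL.md excerpt and metadata embedded in it are constructed for illustration and are not the real package's files; the requires.env and primaryEnv field names follow the ones the scan report quotes, and the suffix-based secret heuristic is an assumption.

```python
"""Pre-install audit for an npm-distributed agent skill.

Added example; not code from the ClawHub page, its scanner, or the
vibe-notion package. The manifest, SKILL.md text and skill metadata
below are CONSTRUCTED to exercise the checks and describe no real package.
"""
from __future__ import annotations

import json
import re

# npm runs these automatically during `npm install`; any of them is
# arbitrary code execution on the installing machine.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Identifiers that look like secrets (assumption: suffix-based heuristic).
SECRET_ENV_RE = re.compile(r"\b([A-Z][A-Z0-9_]*_(?:TOKEN|KEY|SECRET|PASSWORD))\b")


def audit_npm_manifest(manifest: dict) -> list[str]:
    """Return human-readable findings for a parsed package.json."""
    findings: list[str] = []
    name = manifest.get("name", "")

    if not manifest.get("repository") and not manifest.get("homepage"):
        findings.append("no repository or homepage: provenance cannot be "
                        "verified from the manifest alone")

    scripts = manifest.get("scripts") or {}
    for hook in LIFECYCLE_HOOKS:
        if hook in scripts:
            findings.append(f"lifecycle script '{hook}' runs at install time: "
                            f"{scripts[hook]}")

    # "bin" may be a string (one binary named after the package) or a map.
    bins = manifest.get("bin") or {}
    if isinstance(bins, str):
        bins = {name: bins}
    for bin_name in bins:
        if bin_name != name:
            findings.append(f"binary '{bin_name}' differs from package name "
                            f"'{name}': easy to confuse with a look-alike package")
    return findings


def undeclared_env_vars(skill_md: str, metadata: dict) -> set[str]:
    """Secret-looking env vars referenced in SKILL.md but not declared."""
    declared = set((metadata.get("requires") or {}).get("env") or [])
    primary = metadata.get("primaryEnv")
    if primary:
        declared.add(primary)
    referenced = set(SECRET_ENV_RE.findall(skill_md))
    return referenced - declared


# --- constructed sample inputs (hypothetical package, not vibe-notion) ---
SAMPLE_MANIFEST = {
    "name": "example-notion",
    "version": "0.0.1",
    "bin": {"example-notionbot": "dist/cli.js"},
    "scripts": {"build": "tsc", "postinstall": "node scripts/setup.js"},
}
SAMPLE_SKILL_MD = (
    "Set NOTION_TOKEN to an integration token, then run "
    "`example-notionbot pages list`. Use --markdown-file to upload a page."
)
SAMPLE_METADATA = {"requires": {"env": []}, "primaryEnv": None}


def audit(manifest: dict, skill_md: str, metadata: dict) -> dict:
    """Combine both checks into one report."""
    return {
        "manifest": audit_npm_manifest(manifest),
        "undeclared_env": sorted(undeclared_env_vars(skill_md, metadata)),
    }


if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_MANIFEST, SAMPLE_SKILL_MD, SAMPLE_METADATA), indent=2))
```

To run the manifest check against a real package without executing its install hooks, fetch the published tarball with `npm pack <package>` (which downloads but does not install), extract it, and load `package/package.json` into audit_npm_manifest; if you do install, `npm install --ignore-scripts` prevents lifecycle scripts from running until you have read them.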


latest: vk9773p36fhxe1x9aybrp9eekw1843m77


Runtime requirements

Bins: vibe-notionbot

Install

Node: npm i -g vibe-notion (installs the vibe-notionbot binary)
