Notion

Review

Audited by ClawScan on May 1, 2026.

Overview

This Notion skill is coherent and disclosed, but users should recognize that it needs a Notion API token and an external CLI that can read or change shared Notion content.

Before installing, create a dedicated Notion integration token, share only the pages or databases you want the agent to access, verify the external Notion CLI package you install, and review any content or schema changes before applying them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used on the wrong page or database, the agent could add or change Notion content that other people may rely on.

Why it was flagged

The skill documents CLI operations that can modify Notion pages, database rows, and schemas. These actions are expected for the stated purpose and the schema section requires explicit confirmation, but users should notice the mutation authority.

Skill content

notion-cli block append <page_id> --markdown "..."
notion-cli page create --parent <page_id> --title "..."
notion-cli page update <page_id> --props <json>
notion-cli db schema apply <database_id> --desired <json>

Recommendation

Share the integration only with intended pages or databases, review planned changes before applying them, and require confirmation for schema or bulk updates.

What this means

The token can allow reading or modifying Notion pages and databases that have been shared with the integration.

Why it was flagged

The skill requires a Notion integration token, which is purpose-aligned for the official API. The instructions also explain the intended access boundary: only shared Notion content is visible.

Skill content

Copy the Internal Integration Token.
Export it as:

export NOTION_API_KEY=secret_xxx

Share the integration with the pages or databases you want to access.
Unshared content is invisible to the API.

Recommendation

Create a dedicated Notion integration, share only the minimum required pages or databases, and rotate the token if it is exposed.

What this means

A malicious or wrong CLI package could mishandle the Notion token or perform unintended actions.

Why it was flagged

The actual API behavior is delegated to an external local CLI that is not included or pinned in the artifact set. This is disclosed and central to the skill, but users should choose the CLI source carefully.

Skill content

The skill is declarative: it documents safe, recommended operations and assumes a local CLI (`notion-cli`) that actually performs API calls.

Recommendation

Install a well-known, maintained Notion CLI from a trusted source, review its permissions, and avoid installing similarly named packages from untrusted registries.