ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Notion Integration

v1.0.0

Work with Notion databases, pages, and APIs. Use when user needs to create, read, update, or delete Notion pages and databases; automate Notion workflows; sy...

0· 22·0 current·0 all-time
byBIN@dinghaibin

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dinghaibin/notion-helper.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Notion Integration" (dinghaibin/notion-helper) from ClawHub.
Skill page: https://clawhub.ai/dinghaibin/notion-helper
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install notion-helper

ClawHub CLI

Package manager switcher

npx clawhub@latest install notion-helper
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, and the included script all align: the code uses the official notion-client to query, create, read, and update Notion pages/databases. However, the registry metadata does not declare the single obvious required credential (NOTION_TOKEN) or mark it as the primary credential — a transparency/information mismatch.
Instruction Scope
Runtime instructions and the CLI script stay within Notion API usage. The SKILL.md and scripts only reference NOTION_TOKEN and notion-client; they do not read unrelated files, system paths, or other environment variables, nor do they call unexpected external endpoints.
Install Mechanism
This is an instruction-only skill with one included Python script. It suggests installing the well-known pip package notion-client (no install spec in registry). No obscure downloads or extraction steps are present, but the lack of a formal install spec means the agent/user will install dependencies at runtime using pip.
!
Credentials
The code requires an integration token (NOTION_TOKEN) to operate and prints API responses (which may include sensitive workspace data). The registry's required env vars and primary credential fields are empty — failing to declare that a secret is required reduces transparency and could lead to accidental exposure or misconfiguration. The number and scope of env vars requested (a single Notion token) is proportionate — the concern is omission from metadata and the potential for outputting sensitive content.
Persistence & Privilege
No special persistence is requested: always is false, the skill is user-invocable and may be invoked autonomously (platform default). The skill does not attempt to modify other skills or system-wide settings.
What to consider before installing
This skill's code and instructions are consistent with a Notion integration and only need a Notion 'Internal Integration Token' (NOTION_TOKEN). However, the registry metadata fails to declare that token — that omission reduces transparency. Before installing or running: (1) confirm you are comfortable providing a Notion integration token and create a token with least privileges (share only the databases/pages the integration needs); (2) review the included scripts yourself (they are short) to ensure printed API responses won't leak sensitive content to logs or other systems; (3) run in an isolated environment (or with a token that has limited scope) initially; and (4) ask the publisher to update the registry metadata to list NOTION_TOKEN as a required/primary credential so the skill's requirements are explicit. If you need higher assurance, request provenance (who published it) or prefer an official/verified Notion integration.

Like a lobster shell, security has layers — review code before you run it.

latestvk97026t2s6fwyqvnwg6980f31585mv1p
22downloads
0stars
1versions
Updated 4h ago
v1.0.0
MIT-0
BIN@dinghaibin
latest
Download

Notion Integration

Manage Notion workspaces via API for automation and integration.

Quick Start

# Install Notion client
pip install notion-client

# Set API key
export NOTION_TOKEN="secret_xxx"

Core Features

  • Database Operations: Create, query, update databases
  • Page Management: Create, read, update, delete pages
  • Block Operations: Add/update content blocks
  • User Info: Get workspace user information

Script Usage

# Query a database
python scripts/notion.py query --database-id <id>

# Create a page
python scripts/notion.py create-page --database-id <id> --title "Task Name"

# Get page content
python scripts/notion.py get-page --page-id <id>

Setup

  1. Create integration at https://www.notion.so/my-integrations
  2. Share database/page with integration
  3. Set NOTION_TOKEN environment variable

Examples

See references/examples.md for detailed use cases.

Comments

Loading comments...