ClawHub

Notion API 2026 01 15

v1.0.1

Use the Notion API (2026-01-15) to create, move, update, and manage pages, databases, blocks, and apply templates with support for locking and data source qu...

0· 1.2k·0 current·0 all-time
by@dongkukim
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The SKILL.md is a straightforward Notion API cookbook (create/move/pages/templates/blocks). The operations shown align with a Notion integration's purpose. However, the registry metadata declares no required credentials or config paths even though the instructions explicitly require storing and reading a Notion API key at ~/.config/notion/api_key (or using a NOTION_KEY env var). That omission is inconsistent.
!
Instruction Scope
Runtime instructions tell the agent/user to create ~/.config/notion/api_key and to read it (NOTION_KEY=$(cat ~/.config/notion/api_key)) and then run curl calls to api.notion.com. Reading/writing that local file and using the token is within the Notion helper's purpose, but the skill manifest did not declare this file access. The instructions are otherwise concrete and limited to Notion endpoints (no broad file-system or network exfiltration guidance).
Install Mechanism
This is instruction-only with no install spec or code files, so there is no installer risk and nothing is written to disk by the platform beyond what the user explicitly does when following the guide.
!
Credentials
The skill legitimately needs a Notion API token, but the manifest lists no required env vars or primary credential. The SKILL.md tells users to store a secret token in plaintext at ~/.config/notion/api_key and then read it — that is expected for a Notion helper but should be declared in requires.env / required config paths. Storing tokens in plaintext is also a security consideration; a secrets manager or the platform's secret storage would be preferable.
Persistence & Privilege
The skill does not request always:true and has no install scripts; it would only use the token when invoked. Keep in mind that if the agent is allowed to invoke skills autonomously (default), any supplied token could be used by the agent without additional confirmation — this is standard behavior but increases blast radius if the token is granted to an untrusted skill.
What to consider before installing
This skill appears to be a normal Notion API helper, but its manifest is inconsistent: the README instructs you to store and read a Notion API token at ~/.config/notion/api_key (or as NOTION_KEY) even though the skill metadata lists no required credentials or config paths. Before installing or using it: (1) ask the publisher to correct the manifest to declare the required credential or config path; (2) prefer storing the token in a secure secrets manager or the platform's secret storage rather than a plaintext file; (3) only supply a Notion integration token you trust (create a dedicated integration with minimal scopes rather than reuse a powerful account token); (4) verify the Notion-Version header and endpoint dates if you rely on newly described features; and (5) avoid granting an untrusted skill persistent or broad access — if the platform allows per-skill secrets, use that instead of putting tokens in your home directory.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e1x723m8h26wb82a7zz20e980sr4f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments