Notion CLI – Command Line Interface based access to Notion for your agent

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Notion CLI guide, but it gives agents access to any Notion pages you share with the integration.

Before installing, review the external notion-cli repository and npm dependencies, create a dedicated Notion integration, share only the pages or databases needed, avoid debug logging around sensitive workspace content, protect or rotate the API key, and require explicit confirmation before update, archive, delete, append, or comment commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill recommends enabling `NOTION_DEBUG=true` for verbose request/response logging without warning that API responses may contain sensitive workspace content and request metadata may expose credentials or authorization headers. In an agent or shared environment, such logs can persist to disk, terminals, or telemetry backends and create secondary disclosure risk.

VirusTotal

63/63 vendors flagged this skill as clean.