ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Notion Workspace API Tools

v1.0.2

Use for tasks that read or modify Notion pages, data sources, or blocks via the Notion API.

1· 261·1 current·1 all-time
by@jeffreymaomao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, and runtime instructions all describe legitimate Notion API operations (search, read, create, update, append, trash/restore). Requested actions and referenced endpoints (https://api.notion.com/v1/...) are consistent with the stated purpose.
Instruction Scope
The SKILL.md stays within Notion API usage and gives concrete curl templates and safety rules. It does instruct the agent to prefer a runtime-provided NOTION_KEY and, as an optional local fallback, to read ~/.config/notion/api_key — which means the agent is explicitly permitted to read a local file for credentials. No unrelated system paths, other services, or external endpoints are referenced.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing is written to disk by an installer. That is the lowest-risk install model.
!
Credentials
The skill expects NOTION_KEY and NOTION_VERSION at runtime and provides a local-file fallback (~/.config/notion/api_key), but the registry metadata lists no required environment variables or primary credential. The omission of a declared primary credential (NOTION_KEY) is a mismatch that could confuse users about what secrets are needed and what the skill will access.
Persistence & Privilege
The skill does not request always: true, does not modify other skills or system-wide settings, and is user-invocable only. Autonomous invocation is allowed (platform default) but is not combined here with privileged persistence or broad cross-skill access.
What to consider before installing
This skill appears to do exactly what it says (call the Notion API) and uses only Notion endpoints, but you should verify the runtime will provide a NOTION_KEY before granting access. The SKILL.md also allows reading a fallback token file at ~/.config/notion/api_key — if you use that pattern, understand the skill will read that file to obtain credentials. Because the registry metadata does not declare NOTION_KEY as a required credential, ask the skill author or your operator where the key must come from, and only supply a token you control (prefer a least-privilege integration token). Do not paste your full token into chat; if you install or test this skill and later doubt its behavior, rotate/revoke the Notion key. Finally, confirm the skill's source or owner (source is unknown) before installing so you can trust future automated calls to your workspace.

Like a lobster shell, security has layers — review code before you run it.

latestvk974w6nqs6sd4t1nbfyrxcaf8h82v62b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📝 Clawdis

Comments