Notion Openapi Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Notion API helper that can read and modify Notion content, with clear guidance to confirm writes before use.

Install only if you intend to let an agent use your Notion API permissions. Prefer a dedicated Notion integration connected only to the needed pages or databases, grant write access only when required, confirm every create/update/append/trash action, and use a pinned or bundled schema for sensitive work.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The schema exposes page updates, page creation, block updates, child appends, and block deletion/trashing operations without any embedded guardrails, confirmation requirements, or explicit safety guidance. In an agentic context, that makes accidental or prompt-induced destructive actions materially more likely, especially because the same skill also supports broad discovery and traversal of Notion content.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal