Security audit

paper-notion-summarizer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but its Notion update path can modify or clear existing pages in the token's accessible workspace with limited safeguards.

Install only if you are comfortable granting this skill Notion write access. Use a Notion integration token limited to the intended summaries area, run --dry-run first, avoid --force-update unless the matched page is disposable, and write extracted JSON only to non-sensitive paths such as /tmp.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 89%
Finding
When --force-update is used, the script deletes all child blocks from the matched Notion page before appending new content, with no interactive confirmation or backup step. In an agent setting, a mistaken title match or unintended invocation could irreversibly destroy user-authored page contents within the integration's access scope.

VirusTotal

66/66 vendors flagged this skill as clean.