Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Notion Workspace
v0.1.0
Manage Notion workspace — search pages, read content, create pages in databases, append blocks, and list databases. Uses Notion REST API directly via urllib/...
by Marouane @mrnsmh
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The code (scripts/notion.py) and SKILL.md implement the described capabilities (search, read, create, append, list). The functions and endpoints used match the skill description. However, SKILL.md and the script expect a NOTION_TOKEN while the registry metadata lists no required environment variables or primary credential — an inconsistency that reduces transparency.
Instruction Scope
Runtime instructions stay within the Notion API domain (no unrelated system paths or alternate remote endpoints). They do instruct the user to set NOTION_TOKEN, but also note that a default token embedded in the script will be used if NOTION_TOKEN is not set — this grants the skill implicit authorization without an explicit user-provided credential.
Install Mechanism
No install spec is present (instruction-only + included Python script). No downloads or archive extraction occur, so there is no additional install-time risk beyond the provided code file.
Credentials
The script relies on a single NOTION_TOKEN (appropriate for the Notion integration), but the registry metadata fails to declare it as a required env/primary credential. Critically, the script contains a hardcoded default token string. Hardcoded credentials are a security/privacy smell: they may be valid tokens tied to the publisher's workspace and could cause unintended use of that token if users don't explicitly set their own. The presence of a built-in token and the missing registry declaration are disproportionate to the expected transparent handling of credentials.
Persistence & Privilege
The skill does not request always: true, does not persist or alter other skills, and has no install-time hooks. It runs as a normal, user-invokable skill without elevated platform privileges.
What to consider before installing
Before installing or using this skill:
(1) Confirm the NOTION_TOKEN behavior — the SKILL.md and script expect NOTION_TOKEN but the registry metadata doesn't declare it; require the publisher to update metadata or treat this as manual.
(2) Inspect and remove any hardcoded token in scripts/notion.py. If you have already used the embedded token (or suspect it might be valid), rotate/revoke it from Notion and avoid using the default.
(3) Prefer creating your own Notion integration and set a scoped NOTION_TOKEN in your environment rather than relying on defaults.
(4) Verify the token's scope (read/write) matches what you intend and test in a safe workspace.
(5) If you need assurance, ask the publisher for the token's origin or for a version of the skill with no embedded credentials and with NOTION_TOKEN declared as the primary credential in registry metadata.
Like a lobster shell, security has layers — review code before you run it.
