Diy Pc Ingest
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill is not obviously malicious, but it should be reviewed because it can change Notion data and the preview-versus-write instructions are unclear.
Before installing, use a dedicated minimal-scope Notion integration, verify the notion-api-automation dependency, and do not run the apply script until the skill documents a distinct preview-only command and a separate, explicitly confirmed write command.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. Preview and write steps share one mutation-capable script
Impact: The agent or user could create or update Notion rows during what was meant to be a preview only.
Detail: Step 5 (search, no writes) and step 7 (upsert) both invoke scripts/notion_apply_records.js, and the instructions document no flag or separate command that keeps the first invocation read-only.
Evidence: 5) **Search existing records in Notion** using `scripts/notion_apply_records.js` ... **Do not write anything** ... 7) **Upsert into Notion** using `scripts/notion_apply_records.js`
Recommendation: Make dry-run the explicit default, require an explicit apply/confirm flag for writes, and document separate preview and write commands.
2. Direct update, archive and overwrite controls
Impact: A mistaken JSONL record could overwrite fields or archive any Notion page the integration can reach.
Detail: The skill documents record-level controls that update a page directly (bypassing upsert matching), archive it, or overwrite existing values, including clearing them with null. They are useful for cleanup but destructive if misused.
Evidence: `page_id` (or `id`): update this Notion page directly (bypasses upsert matching); `archive: true`: archive the page ... `overwrite: true`: allow overwriting existing values (including clearing with null)
Recommendation: Use these controls only after an explicit user request, verify that the target page belongs to the intended DIY_PC database, and require a separate confirmation for archive or overwrite operations.
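The following is an added example for findings 1 and 2 together; it is not the skill's scripts/notion_apply_records.js and not ClawScan's code. It shows the shape the recommendations describe: a planner that is dry-run unless `--apply` is given, refuses `archive`/`overwrite` records unless `--confirm-destructive` is also given, and checks that any `page_id` target belongs to a DIY_PC database. The database ID, the page-to-parent lookup standing in for a Notion page fetch, and the JSONL records are all constructed assumptions.

```javascript
// Added example, not the skill's scripts/notion_apply_records.js: a planner that
// is dry-run by default, writes only under --apply, refuses archive/overwrite
// without --confirm-destructive, and checks that any page_id target sits in a
// DIY_PC database. Database IDs, the page-parent lookup and the JSONL records
// below are constructed assumptions.
const ALLOWED_DATABASE_IDS = new Set(['db-diy-pc-parts']); // hypothetical DIY_PC table

// Hypothetical stand-in for GET /v1/pages/{id} -> parent.database_id.
const PAGE_PARENTS = {
  'page-001': 'db-diy-pc-parts',
  'page-999': 'db-unrelated-notes', // reachable by the token, not a DIY_PC table
};

function parseJsonl(text) {
  return text.split('\n').filter((l) => l.trim()).map((l, i) => {
    try { return JSON.parse(l); }
    catch (e) { throw new Error(`line ${i + 1}: invalid JSON: ${e.message}`); }
  });
}

function parseFlags(argv) {
  return {
    apply: argv.includes('--apply'),                         // absent: preview only
    confirmDestructive: argv.includes('--confirm-destructive'),
  };
}

// Turn one record into a planned action or a refusal. Performs no writes.
function planRecord(rec, flags) {
  const pageId = rec.page_id || rec.id;
  const destructive = rec.archive === true || rec.overwrite === true;
  if (pageId) {
    const parent = PAGE_PARENTS[pageId];
    if (!ALLOWED_DATABASE_IDS.has(parent)) {
      return { action: 'refuse', reason: `page ${pageId} is not in a DIY_PC database (parent: ${parent || 'unknown'})` };
    }
  }
  if (destructive && !flags.confirmDestructive) {
    return { action: 'refuse', reason: `${pageId || rec.name}: ${rec.archive ? 'archive' : 'overwrite'} requires --confirm-destructive` };
  }
  if (rec.archive === true) return { action: 'archive', pageId };
  if (pageId) return { action: 'update', pageId, overwrite: rec.overwrite === true };
  return { action: 'upsert', matchKey: rec.name };
}

function plan(jsonlText, argv) {
  const flags = parseFlags(argv);
  return { mode: flags.apply ? 'apply' : 'dry-run', actions: parseJsonl(jsonlText).map((r) => planRecord(r, flags)) };
}

// The only path that mutates, reached solely when --apply was given.
// `writer` stands in for the real Notion call.
function run(jsonlText, argv, writer) {
  const result = plan(jsonlText, argv);
  for (const a of result.actions) {
    if (a.action === 'refuse') { console.log('[refused]', a.reason); continue; }
    if (result.mode === 'dry-run') console.log('[dry-run] would', a.action, a.pageId || a.matchKey);
    else writer(a);
  }
  return result;
}

// Constructed sample records, not from a real ingest.
const SAMPLE_JSONL = [
  '{"name":"AMD Ryzen 7 7800X3D","properties":{"Price":399}}',
  '{"page_id":"page-001","overwrite":true,"properties":{"Price":null}}',
  '{"page_id":"page-999","archive":true}',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  run(SAMPLE_JSONL, process.argv.slice(2), (a) => console.log('[write]', a));
}
```

Run it with no arguments to get the preview, and with `--apply --confirm-destructive` to write; note that the record targeting `page-999` is refused in every mode because its parent is not a DIY_PC database, so a confirmation flag never widens the target set.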
3. Notion token scope
Impact: If the token can reach data beyond the DIY_PC tables, a mistake or an overbroad command could affect far more Notion content than intended.
Detail: A Notion token is expected for this integration, but what the skill can read or modify is bounded only by what has been shared with that integration.
Evidence: Provide Notion auth ... env: `NOTION_API_KEY` ... Use minimal-scope Notion integration permissions (only target DIY_PC data sources).
Recommendation: Use a dedicated Notion integration shared only with the target DIY_PC databases, and keep the token out of published files.
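An added example, not part of the skill or of ClawScan's tooling, of how to check the scope recommendation before the first run: ask the Notion search endpoint which databases the integration has been shared with and fail if anything outside the expected set is visible. The allowed database ID and the search results standing in for the live API are constructed assumptions; the endpoint, headers and filter body are the documented Notion API.

```javascript
// Added example, not part of the skill: a preflight that lists every database
// the NOTION_API_KEY can reach through the Notion search endpoint and fails if
// any lies outside the DIY_PC target set. The allowed database ID and the
// constructed search results standing in for the live API are assumptions.
const NOTION_VERSION = '2022-06-28';
const ALLOWED_DATABASE_IDS = new Set(['11111111-2222-3333-4444-555555555555']); // hypothetical DIY_PC table

// POST /v1/search filtered to databases, following pagination. Search only
// returns objects shared with the integration, so the result is the token's reach.
async function notionSearchDatabases(token, fetchImpl = fetch) {
  const results = [];
  let cursor;
  do {
    const res = await fetchImpl('https://api.notion.com/v1/search', {
      method: 'POST',
      headers: {
        Authorization: `Bearer ${token}`,
        'Notion-Version': NOTION_VERSION,
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({ filter: { value: 'database', property: 'object' }, start_cursor: cursor, page_size: 100 }),
    });
    if (!res.ok) throw new Error(`Notion search failed: HTTP ${res.status}`);
    const body = await res.json();
    results.push(...body.results);
    cursor = body.has_more ? body.next_cursor : undefined;
  } while (cursor);
  return results;
}

// Pure check over what the token can see: anything extra is a scope problem,
// anything missing means the target table was never shared.
function auditScope(databases, allowed = ALLOWED_DATABASE_IDS) {
  const titleOf = (db) => (db.title || []).map((t) => t.plain_text).join('') || '(untitled)';
  const extra = databases.filter((db) => !allowed.has(db.id));
  const missing = [...allowed].filter((id) => !databases.some((db) => db.id === id));
  return {
    ok: extra.length === 0 && missing.length === 0,
    extra: extra.map((db) => `${db.id} "${titleOf(db)}"`),
    missing,
  };
}

// Constructed stand-in for a live response: the integration was also shared
// with an unrelated database.
const SAMPLE_SEARCH_RESULTS = [
  { object: 'database', id: '11111111-2222-3333-4444-555555555555', title: [{ plain_text: 'DIY_PC Parts' }] },
  { object: 'database', id: '99999999-8888-7777-6666-555555555555', title: [{ plain_text: 'Personal Journal' }] },
];

async function main() {
  const token = process.env.NOTION_API_KEY;
  const dbs = token ? await notionSearchDatabases(token) : SAMPLE_SEARCH_RESULTS;
  const report = auditScope(dbs);
  console.log(report.ok ? 'token scope OK' : `token scope too broad: ${JSON.stringify(report)}`);
  process.exitCode = report.ok ? 0 : 1;
}

if (typeof require !== 'undefined' && require.main === module) main();
```

The database filter deliberately ignores pages shared individually; if the integration might also have been added to loose pages, run the same search with `value: 'page'` and apply the same allow-list to their parents.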
4. Helper executed from the notion-api-automation dependency
Impact: The installed dependency can make Notion API requests with the user's token; a wrong or compromised copy of it would widen the blast radius.
Detail: At runtime the skill resolves a helper from a sibling dependency skill and runs it with execFileSync. The dependency is disclosed, but its contents are outside the reviewed artifact, and the child process receives an environment object that carries the Notion credential. The interpreter is also invoked as `node`, which is resolved through PATH rather than pinned to the running interpreter.
Evidence: const NOTIONCTL_PATH = path.resolve(__dirname, '..', '..', 'notion-api-automation', 'scripts', 'notionctl.mjs'); ... execFileSync('node', args, { encoding: 'utf-8', env }).trim();
Recommendation: Install notion-api-automation from a trusted source, review or pin its version if possible, and keep the Notion token narrowly scoped.
5. Optional external enrichment
Impact: Receipt or product text could be sent to external search/fetch providers if enrichment is enabled.
Detail: The skill discloses optional web enrichment. Pasted receipts or specs can carry product, price, serial-number, and order-context details.
Evidence: External enrichment (optional): `web_search`/`web_fetch` may send partial product text to external web providers.
Recommendation: Skip web enrichment for sensitive receipts, or strip order IDs, serial numbers, and personal details before allowing search/fetch.
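An added example, not the skill's code, of the stripping step the recommendation calls for: redact order IDs, serial numbers and contact details from a pasted receipt, then derive product-only query strings that are all that would leave the machine. The regex rules, the redaction tag format and the sample receipt are constructed assumptions; the rules are tuned to this sample and should be adjusted to the vendors actually being ingested.

```javascript
// Added example, not the skill's code: redact order IDs, serial numbers and
// personal details from pasted receipt text, then build the product-only
// queries that would go to web_search/web_fetch. The regex rules, the tag
// format and the sample receipt are constructed assumptions.
const RULES = [
  { name: 'email', re: /[\w.+-]+@[\w-]+\.[\w.-]+/g },
  { name: 'phone', re: /\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}/g },
  { name: 'order', re: /\b(?:order|invoice|receipt)\s*(?:#|no\.?|number|id)?\s*[:#]?\s*[A-Z0-9-]{6,}\b/gi },
  { name: 'serial', re: /\b(?:s\/?n|serial(?:\s*(?:no\.?|number))?)\s*[:#]?\s*[A-Z0-9-]{8,}\b/gi },
  { name: 'address', re: /\b\d{1,5}\s+[A-Z][a-z]+\s+(?:St|Street|Ave|Avenue|Rd|Road|Ln|Lane|Blvd)\b.*$/gm },
];

// Replace each match with a tag and count hits per rule, so the caller can log
// what was removed without logging the values themselves.
function redactForEnrichment(text) {
  const hits = {};
  let out = text;
  for (const { name, re } of RULES) {
    out = out.replace(re, () => {
      hits[name] = (hits[name] || 0) + 1;
      return `[${name.toUpperCase()}_REDACTED]`;
    });
  }
  return { text: out, hits };
}

// Only line items ("1x ...") are used for enrichment, with prices and
// redaction tags stripped out.
function productQueries(redactedText) {
  return redactedText
    .split('\n')
    .filter((line) => /^\s*\d+x\s/.test(line))
    .map((line) =>
      line
        .replace(/^\s*\d+x\s+/, '')
        .replace(/\[[A-Z]+_REDACTED\]/g, '')
        .replace(/\$[\d,.]+/g, '')
        .replace(/\s+/g, ' ')
        .trim(),
    );
}

// Constructed sample receipt; no real customer data.
const SAMPLE_RECEIPT = [
  'Order #A1B2C3D4E5   Placed 2026-04-30',
  'Ship to: Jane Doe, 42 Maple Street, Springfield',
  'Contact: jane.doe@example.com  (555) 123-4567',
  '1x ASUS ROG STRIX B650E-F  S/N: M7K9P2Q4R6T8   $299.99',
  '1x AMD Ryzen 7 7800X3D                        $399.00',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  const { text, hits } = redactForEnrichment(SAMPLE_RECEIPT);
  console.log(text);
  console.log('redactions:', hits);
  console.log('queries:', productQueries(text));
}
```

Pattern-based redaction does not catch free-text names (the sample's "Jane Doe" survives), which is why the queries are built from line items only rather than from the whole redacted receipt; treat the redacted text as an audit trail, not as something safe to send.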
