hocnhanh_n8n
ReviewAudited by ClawScan on May 1, 2026.
Overview
This is a straightforward Notion API instruction skill, but it needs a Notion API key and can create or update shared Notion content.
Before installing, create a dedicated Notion integration, share only the pages or databases the agent should access, and be cautious when approving create or update operations.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed with a broad Notion integration token, the agent could read or modify any shared Notion pages or databases within that token's permissions.
The skill requires a Notion API key, which gives the agent delegated access to the Notion resources shared with that integration.
"requires": { "env": ["NOTION_API_KEY"] }, "primaryEnv": "NOTION_API_KEY"Use a dedicated Notion integration key, share only the specific pages or databases needed, and rotate the key if it is exposed.
Mistaken page IDs, database IDs, or payloads could create unwanted entries or change existing Notion content.
The skill documents raw API calls that can create and update Notion workspace content. This is purpose-aligned, but it is still mutation authority.
curl -X POST "https://api.notion.com/v1/pages" ... curl -X PATCH "https://api.notion.com/v1/pages/{page_id}"Review target IDs and payloads before allowing write operations, and keep the integration scoped to non-critical or task-specific pages when possible.