ClawHub

Notion

Notion API for creating and managing pages, databases, and blocks.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 141 · 0 current installs · 0 all-time installs
by@nidhov01
duplicate of @7revor/notion-1-0-0
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name, description, and instructions all target the Notion API and the actions (pages, data sources/databases, blocks) match the declared purpose. One minor inconsistency: the registry metadata shown at the top uses ownerId 'kn71m67…' while the included _meta.json contains a different ownerId ('kn70pyw…'). This looks like a metadata mismatch but does not change the functional purpose.
Instruction Scope
All runtime instructions are limited to creating a Notion integration, storing its API key in ~/.config/notion/api_key, and using curl against api.notion.com with the required headers. The instructions do ask the user to store the API key as plaintext in a file and read it with cat — that is functional but a potential local-security/privacy concern. There are no instructions to read unrelated files or exfiltrate data to third-party endpoints.
Install Mechanism
No install spec and no code files — this is instruction-only, which minimizes the risk of arbitrary code being written or executed on the host.
Credentials
The skill declares no required environment variables or primary credential, but the SKILL.md instructs users to store a Notion API key in ~/.config/notion/api_key and then read it into NOTION_KEY. This is coherent functionally but inconsistent with metadata (no declared credential). Requesting access to a single Notion API key is proportionate for the stated functionality.
Persistence & Privilege
always is false and there is no installation that modifies other skills or system-wide settings. The skill does not request elevated or persistent platform privileges.
Assessment
This skill is an instruction-only Notion API helper and appears to do what it says. Before installing or using it: (1) Verify you trust the skill's publisher — the _meta.json ownerId differs from the registry ownerId shown, which may be a packaging/metadata error. (2) Prefer storing your Notion integration key in a safer secret store or an environment variable rather than in plaintext at ~/.config/notion/api_key; if you must use a file, restrict its filesystem permissions (chmod 600). (3) Create an integration with the minimum scopes needed and share only the pages/databases the integration requires. (4) Rotate or revoke the token if you suspect it has been exposed. (5) Note the SKILL.md pins Notion-Version 2025-09-03 and uses data_sources endpoints — confirm that your Notion workspace and integration are compatible. (6) The skill can be invoked autonomously by the agent platform (normal default), but it will only be able to perform actions if you provide the API key, so treat that key as sensitive.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk970f0c6e77bz939k704v1w8r9831y5q

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📝 Clawdis

SKILL.md

notion

Use the Notion API to create/read/update pages, data sources (databases), and blocks.

Setup

  1. Create an integration at https://notion.so/my-integrations
  2. Copy the API key (starts with ntn_ or secret_)
  3. Store it:
mkdir -p ~/.config/notion
echo "ntn_your_key_here" > ~/.config/notion/api_key
  1. Share target pages/databases with your integration (click "..." → "Connect to" → your integration name)

API Basics

All requests need:

NOTION_KEY=$(cat ~/.config/notion/api_key)
curl -X GET "https://api.notion.com/v1/..." \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json"

Note: The Notion-Version header is required. This skill uses 2025-09-03 (latest). In this version, databases are called "data sources" in the API.

Common Operations

Search for pages and data sources:

curl -X POST "https://api.notion.com/v1/search" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{"query": "page title"}'

Get page:

curl "https://api.notion.com/v1/pages/{page_id}" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03"

Get page content (blocks):

curl "https://api.notion.com/v1/blocks/{page_id}/children" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03"

Create page in a data source:

curl -X POST "https://api.notion.com/v1/pages" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "parent": {"database_id": "xxx"},
    "properties": {
      "Name": {"title": [{"text": {"content": "New Item"}}]},
      "Status": {"select": {"name": "Todo"}}
    }
  }'

Query a data source (database):

curl -X POST "https://api.notion.com/v1/data_sources/{data_source_id}/query" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "filter": {"property": "Status", "select": {"equals": "Active"}},
    "sorts": [{"property": "Date", "direction": "descending"}]
  }'

Create a data source (database):

curl -X POST "https://api.notion.com/v1/data_sources" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "parent": {"page_id": "xxx"},
    "title": [{"text": {"content": "My Database"}}],
    "properties": {
      "Name": {"title": {}},
      "Status": {"select": {"options": [{"name": "Todo"}, {"name": "Done"}]}},
      "Date": {"date": {}}
    }
  }'

Update page properties:

curl -X PATCH "https://api.notion.com/v1/pages/{page_id}" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{"properties": {"Status": {"select": {"name": "Done"}}}}'

Add blocks to page:

curl -X PATCH "https://api.notion.com/v1/blocks/{page_id}/children" \
  -H "Authorization: Bearer $NOTION_KEY" \
  -H "Notion-Version: 2025-09-03" \
  -H "Content-Type: application/json" \
  -d '{
    "children": [
      {"object": "block", "type": "paragraph", "paragraph": {"rich_text": [{"text": {"content": "Hello"}}]}}
    ]
  }'

Property Types

Common property formats for database items:

  • Title: {"title": [{"text": {"content": "..."}}]}
  • Rich text: {"rich_text": [{"text": {"content": "..."}}]}
  • Select: {"select": {"name": "Option"}}
  • Multi-select: {"multi_select": [{"name": "A"}, {"name": "B"}]}
  • Date: {"date": {"start": "2024-01-15", "end": "2024-01-16"}}
  • Checkbox: {"checkbox": true}
  • Number: {"number": 42}
  • URL: {"url": "https://..."}
  • Email: {"email": "a@b.com"}
  • Relation: {"relation": [{"id": "page_id"}]}

Key Differences in 2025-09-03

  • Databases → Data Sources: Use /data_sources/ endpoints for queries and retrieval
  • Two IDs: Each database now has both a database_id and a data_source_id
    • Use database_id when creating pages (parent: {"database_id": "..."})
    • Use data_source_id when querying (POST /v1/data_sources/{id}/query)
  • Search results: Databases return as "object": "data_source" with their data_source_id
  • Parent in responses: Pages show parent.data_source_id alongside parent.database_id
  • Finding the data_source_id: Search for the database, or call GET /v1/data_sources/{data_source_id}

Notes

  • Page/database IDs are UUIDs (with or without dashes)
  • The API cannot set database view filters — that's UI-only
  • Rate limit: ~3 requests/second average
  • Use is_inline: true when creating data sources to embed them in pages

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…