Notion Sync

Security checks across malware telemetry and agentic risk

Overview

The skill matches its Notion sync purpose, but one batch update tool can change many Notion records more broadly than the documentation implies.

Review before installing if your Notion workspace contains important business or shared data. Use a least-privilege Notion integration shared only with needed pages/databases, protect any token file, run batch updates with --dry-run first, always provide a narrow --filter, and avoid forwarding JSON monitoring output to chat, CI, or alerting systems unless those destinations are approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence: 71%
Finding
The skill documents automated monitoring and piping JSON output into notification systems without warning that page titles, paths, timestamps, or other workspace-derived metadata may be forwarded to third parties. In a collaborative Notion context, this can lead to unintended disclosure of sensitive project information through logs, CI systems, chatbots, or alerting tools.

VirusTotal

66/66 vendors flagged this skill as clean.
