Notion Sync
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or autonomous invocation could bulk-change properties on many Notion database pages.
In query mode the filter is optional in code; if no filter is supplied, the script can update every returned page up to the default limit, and dry-run is optional rather than enforced.
const DEFAULT_LIMIT = 100; ... if (filter) payload.filter = filter; ... const updated = await updatePage(page.id, parsed.propertyName, parsed.value, parsed.propertyType);
Require an explicit filter or page ID list for batch updates, make dry-run the default for bulk changes, and review the target page list before applying updates.
The skill can act with whatever Notion permissions are granted to the integration token and shared pages/databases.
The scripts use a Notion integration token, including an auto-detected local token file, to authenticate API requests to Notion.
1. --token-file <path> ... 3. ~/.notion-token ... 4. NOTION_API_KEY env var ... headers: { 'Authorization': `Bearer ${apiKey}` }
Use a dedicated least-privilege Notion integration, share only needed pages/databases with it, and protect any token file with restrictive permissions.
Local state can reveal which Notion pages are being monitored, though the shown code stores metadata rather than full page content.
Watch mode persists page IDs, titles, and timestamps in a local state file so it can detect later changes.
const DEFAULT_STATE_FILE = path.join(process.cwd(), 'memory', 'notion-watch-state.json'); ... state.pages[normalizedPageId] = pageState; saveState(safeStateFile, state);
Keep the memory directory private, delete the state file when no longer needed, and avoid sharing it with projects or logs.
