Notion Enhanced

v0.1.0

Integrate with Notion workspaces to read pages, query databases, create entries, and manage content. Perfect for knowledge bases, project tracking, content calendars, CRMs, and collaborative documentation. Works with any Notion page or database you explicitly share with the integration.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill's name, SKILL.md, CLI and TypeScript code all implement a Notion integration (query DBs, create/update pages, search). The required credential (NOTION_TOKEN) and the node runtime are what you'd expect. However, the top-level registry metadata in the provided bundle incorrectly listed 'Required env vars: none' and 'instruction-only' despite a skill.json and multiple code files (install scripts, CLI, TS sources) that do require NOTION_TOKEN and node. This packaging/metadata mismatch is an inconsistency to be aware of.
Instruction Scope
Runtime instructions and CLI commands are scoped to Notion API calls, local config (~/.openclaw/.env), and optional temp mapping files for numbered IDs. The SKILL.md and setup scripts only read/write local config and talk to Notion's API; they do not instruct the agent to read unrelated system files or to send data to unexpected external endpoints.
Install Mechanism
There is no formal install spec in the registry entry, but the package includes standard install.sh and npm-based install/build steps and recommends git clone from a GitHub repo. Installation uses npm and local scripts (no opaque downloads or URL-shortened resources). The risk is low, but the absence of an explicit install spec in the registry combined with included install scripts is a packaging inconsistency worth verifying (confirm the repository URL and inspect code before running install.sh).
Credentials
The code and docs require only the Notion integration token (NOTION_TOKEN) and optionally database IDs stored in ~/.openclaw/.env. Those are proportional to the stated functionality. There are no unrelated secret requests (no AWS, Shopify tokens required by default).
Persistence & Privilege
The skill does not request always:true and is user-invocable. It instructs the user to store the NOTION_TOKEN in ~/.openclaw/.env and writes a temporary mapping file in the OS temp directory for numbered-ID mappings; both are scoped to the skill and do not modify other skills or system-wide settings. Agent autonomy (disable-model-invocation:false) is normal and not risky by itself.
Scan Findings in Context
[requires.env:NOTION_TOKEN] expected: The skill.json and SKILL.md require NOTION_TOKEN, which is appropriate and expected for a Notion integration. However the top-level summary metadata provided to the evaluator incorrectly stated 'Required env vars: none' — the presence of NOTION_TOKEN in skill.json should be treated as the authoritative requirement.
Assessment
This skill appears to be what it claims: a Notion integration that needs only your Notion integration token and node. Before installing, do the following:
1) Verify the source repository (the bundle references github.com/MoikasLabs/openclaw-notion-skill) and inspect the code locally (you already have the files) — run a quick grep for unexpected outgoing endpoints or secrets exfiltration (none were found in this review).
2) Confirm registry metadata: the top-level metadata here omits NOTION_TOKEN and calls the package 'instruction-only' even though install scripts and JS/TS code are included; treat skill.json and SKILL.md as authoritative and be cautious running install.sh until you confirm the repo origin.
3) Create a Notion integration with the minimal scopes you need and share only the specific pages/databases the integration should access.
4) Store NOTION_TOKEN in a secure secrets store if available (avoid committing it to files in version control); if stored in ~/.openclaw/.env, ensure filesystem permissions are restrictive.
5) Run npm install and npm audit before use and consider running the skill in an isolated environment (container or dedicated agent) if you want extra assurance.
If you want, I can produce exact commands to audit dependencies or highlight every place the token is read/written in the code.

Like a lobster shell, security has layers — review code before you run it.
