v1.0.4

memory-to-notion

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:18 AM.

Analysis

The skill is coherent for saving memories to Notion, but it can broadly scan past conversations and persist selected personal details in a Notion workspace with limited scoping and approval details.

GuidanceBefore installing, confirm you are comfortable with an agent reviewing past conversations and saving selected facts to Notion. Limit the Notion integration's permissions, review the referenced Notion dependency, and ask the agent to show proposed memory entries for approval before writing them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

SKILL.md

OpenClaw accesses Notion through a separately installed "notion" skill ([clawhub.ai/steipete/notion](https://clawhub.ai/steipete/notion)). This skill must be installed before using memory-to-notion. When executing, first read the notion skill's SKILL.md

The workflow depends on another skill and its instructions, but that dependency is not included in the provided artifacts.

User impactThe actual Notion access behavior may depend on a separate skill that the user also needs to trust and review.

RecommendationReview the referenced Notion skill before use and install only a trusted, expected version of that dependency.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusNote

SKILL.md

All operations described in this skill (search, query, create page, update page, create database) map directly to the notion skill's REST API patterns

The skill needs Notion account authority that can search the workspace and create or update Notion content; this is purpose-aligned but sensitive.

User impactThe Notion integration may be able to see or modify more of the workspace than just the intended Memory Store database if granted broad permissions.

RecommendationUse a least-privilege Notion integration, grant access only to the Memory Store database or chosen parent page, and verify where new databases/pages will be created.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityHighConfidenceHighStatusConcern

SKILL.md

This skill retrieves the user's past conversation history, analyzes it for valuable and meaningful content, decomposes conversations into atomic memory entries, and writes them as rows into the Memory Store Notion Database.

This shows broad access to private conversation history and persistent export of selected memory content into an external Notion database.

User impactPrivate or sensitive details from old conversations could be copied into Notion and later reused or shared according to that workspace's permissions.

RecommendationRun it only for conversations you intentionally want archived, review proposed memory rows before writing, exclude secrets or sensitive personal data, and set clear retention or deletion rules.