Notion Manager
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent Notion management skill, but it needs a Notion API token and can read or change the Notion pages and databases you share with the integration.
Before installing, verify the npm package, use a dedicated Notion integration token, share only the Notion pages or databases you want the agent to manage, and double-check any create or update operation before it is performed.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the token is over-permissioned or exposed, an agent or other local user could read or modify shared Notion pages and databases.
The skill requires a Notion API token, which grants delegated access to the Notion content shared with the integration.
metadata: {"openclaw":{"emoji":"📓","requires":{"env":["NOTION_TOKEN"]},"primaryEnv":"NOTION_TOKEN"}}Use a dedicated Notion integration, share only the specific pages/databases needed, protect the token, and rotate it if it may have been exposed.
The agent can create or update Notion pages and database records when using this skill, so incorrect IDs or properties could change the wrong content.
The documented commands include write authority over Notion objects, which is central to the skill but can change workspace data.
Use *notion-cli* to create/read/update pages, data sources (databases), and blocks.
Review planned create/update actions before approving them, especially for shared business databases or important pages.
Installing a global package gives that package code execution on the local machine during install/use, and an unpinned package can change over time.
The skill asks users to globally install an unpinned external npm package, while the listed homepage is a GitHub repository URL rather than a locked package artifact.
Install notion-cli: `npm install -g @iansinnott/notion-cli`
Verify the npm package and repository before installing, consider pinning a known-good version, and install it in a controlled environment if possible.