Notion Manager

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: notion-cli
Version: 0.0.1

The OpenClaw skill bundle for Notion CLI is classified as benign. All instructions and commands in SKILL.md and README.md are directly related to managing Notion content via the `notion-cli` tool or direct Notion API calls using `curl`. The skill properly handles the `NOTION_TOKEN` for authentication with the legitimate Notion API endpoint (api.notion.com). There is no evidence of data exfiltration to unauthorized destinations, malicious execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent's behavior beyond its stated purpose. The installation of `@iansinnott/notion-cli` via npm is a standard practice for CLI tools.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the token is over-permissioned or exposed, an agent or other local user could read or modify shared Notion pages and databases.

Why it was flagged

The skill requires a Notion API token, which grants delegated access to the Notion content shared with the integration.

Skill content

metadata: {"openclaw":{"emoji":"📓","requires":{"env":["NOTION_TOKEN"]},"primaryEnv":"NOTION_TOKEN"}}

Recommendation

Use a dedicated Notion integration, share only the specific pages/databases needed, protect the token, and rotate it if it may have been exposed.

What this means

The agent can create or update Notion pages and database records when using this skill, so incorrect IDs or properties could change the wrong content.

Why it was flagged

The documented commands include write authority over Notion objects, which is central to the skill but can change workspace data.

Skill content

Use *notion-cli* to create/read/update pages, data sources (databases), and blocks.

Recommendation

Review planned create/update actions before approving them, especially for shared business databases or important pages.

What this means

Installing a global package gives that package code execution on the local machine during install/use, and an unpinned package can change over time.

Why it was flagged

The skill asks users to globally install an unpinned external npm package, while the listed homepage is a GitHub repository URL rather than a locked package artifact.

Skill content

Install notion-cli: `npm install -g @iansinnott/notion-cli`

Recommendation

Verify the npm package and repository before installing, consider pinning a known-good version, and install it in a controlled environment if possible.