notion-workspace

SUSPICIOUS: the snippet is not overtly malicious, but the stated Notion workspace purpose is only partially aligned with the documented runtime, which authenticates solely to the AI Skills backend and does not show a direct Notion API flow. Same-brand backend use lowers supply-chain concern, yet the indirect data path, overrideable base URL, and missing runner code make the skill a medium security risk.