x-notion-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- No Code (SAFE): The provided file is a design specification and architecture overview for a future integration. It does not contain any functional code, scripts, or automated instructions for the agent to execute.
- Data Exposure & Exfiltration (SAFE): While the document discusses the use of sensitive information like Notion API keys and access to local file paths (e.g.,
~/brain/obsidian/), it explicitly focuses on private, Notion-hosted uploads to avoid public data exposure. No implementation code is present to perform these actions. - Prompt Injection (SAFE): There are no instructions aimed at overriding agent behavior or bypassing safety filters.
- Indirect Prompt Injection (SAFE): The design identifies a surface for ingesting local media files which could theoretically contain embedded instructions, but as a specification file, it poses no active risk.
Audit Metadata