Skills
skills/casret/pipedream/pd-notion-query-db/Gen Agent Trust Hub

pd-notion-query-db

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local script located at 'resources/pd-notion.ts' using the npx tsx command. The script path references a shared resource in a parent directory.
  • [EXTERNAL_DOWNLOADS]: The use of 'npx' may result in the download of the 'tsx' package or other necessary dependencies from the official npm registry if they are not already cached.
  • [PROMPT_INJECTION]: The skill queries content from external Notion databases, which serves as a potential surface for indirect prompt injection. 1. Ingestion points: Results from Notion database queries. 2. Boundary markers: None identified. 3. Capability inventory: Execution of local TypeScript files. 4. Sanitization: No explicit sanitization or filtering of database content is mentioned in the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 01:31 AM