pd-notion
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for Indirect Prompt Injection. * Ingestion points: The
pageandquery-dbcommands inresources/pd-notion.tsfetch untrusted content from Notion blocks and database properties. * Boundary markers: There are no boundary markers or instructions to ignore embedded commands when processing retrieved text. * Capability inventory: The skill has significant write capabilities inresources/pd-notion.ts, includingcreate-page,update-page,append, andadd-row, which could be exploited by malicious instructions found in read content. * Sanitization: The script performs minimal transformation of data (converting Notion objects to strings) without sanitizing or validating the content for executable instructions or prompt-altering patterns.
Audit Metadata