notion-databases
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Python scripts to perform legitimate operations via the Notion API. It executes commands such as `python3 databases/scripts/notion_databases.py` to list, query, and create database entries.
- [DATA_EXPOSURE]: The script reads a Notion API token from `~/.config/notion/config.json`. This is standard practice for CLI-based integrations and does not constitute a vulnerability, as it relies on a local configuration file created by a prerequisite setup tool (notion-connect).
- [REMOTE_CODE_EXECUTION]: While the script interacts with the remote Notion API (`https://api.notion.com/v1`), it does so using the standard Python library (`urllib.request`) for legitimate data transfer without executing any remote content.
- [INDIRECT_PROMPT_INJECTION]: The skill processes structured data (JSON) from Notion. While it does not implement specific delimiters for Notion content, the risk is minimal as the script focuses on data retrieval and structured entry creation rather than complex reasoning over untrusted text.
Audit Metadata