Skills
skills/davila7/claude-code-templates/notion-knowledge-capture/Gen Agent Trust Hub

notion-knowledge-capture

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill directs users to install a remote MCP server from https://mcp.notion.com/mcp. While notion.com is a legitimate service, this involves an external resource download.
  • COMMAND_EXECUTION (LOW): The workflow requires executing shell commands (codex mcp add, codex --enable rmcp_client) for setup. These are legitimate configuration steps but represent a command execution surface.
  • PROMPT_INJECTION (LOW): The skill handles untrusted user input (conversations) to create Notion content, creating an indirect prompt injection surface. Evidence: 1. Ingestion points: User chat in steps 3 and 4. 2. Boundary markers: Absent. 3. Capability inventory: notion-create-pages, notion-update-page, and notion-fetch. 4. Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 04:49 PM