vibe-notionbot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and returns user-generated Notion workspace content via the Notion API (see SKILL.md commands like "vibe-notionbot page get", "search", "comment list" and the note "All commands output JSON by default for AI consumption"), so untrusted third-party content in Notion pages/comments can be read by the agent and could materially influence subsequent actions.