Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/notion-debug-bundle/Gen Agent Trust Hub

notion-debug-bundle

Fail

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill accesses the .env file to create a redacted copy for diagnostics. Even with redaction of values, the access to this sensitive file path is a security concern.
  • [DATA_EXFILTRATION]: The skill reads application log files (app.log, server.log, output.log) and environment information to package them into a compressed tarball (.tar.gz). This facilitates the collection and potential external transmission of sensitive system data.
  • [COMMAND_EXECUTION]: Executes shell commands to gather system metadata, including uname -a for OS information and date for timestamps.
  • [EXTERNAL_DOWNLOADS]: Communicates with external endpoints api.notion.com and status.notion.so. These requests are directed at well-known services consistent with the skill's stated purpose.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 25, 2026, 04:41 PM