notion-security-basics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly calls the Notion API to search and retrieve pages the integration can access (see "auditIntegrationAccess" in Step 2) and to process incoming webhook payloads (Step 3), meaning it ingests user-generated Notion content (third-party/untrusted) that the agent reads and which can influence updates or follow-up actions.