notion-movies

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: Hardcoded absolute path to a sensitive configuration file (.env) within a user-specific home directory.
      • Evidence: The command 'dotenv.config({ path: '/home/jose/.openclaw/.env' });' in scripts/index.js accesses a specific local file path.
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface through external API data ingestion.
      • Ingestion points: The skill fetches movie titles and plot summaries from the external TMDB API via the getMovieData function in scripts/index.js.
      • Boundary markers: Absent; movie metadata is processed as raw strings and appended to Notion blocks without clear delimiters or 'ignore' instructions.
      • Capability inventory: The skill uses the Notion API to create pages, update properties, and append child blocks (ensurePlot, ensureDirector), and interacts with a local vector database (upsertVector).
      • Sanitization: Absent; there is no evidence of filtering, escaping, or validating movie plots or titles before they are inserted into Notion or indexed in Qdrant.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 10:30 PM