notion-cli

SUSPICIOUS: the skill’s purpose is plausible, but the install and trust story is not fully coherent because the `ntn` npm package was not verified as an official Notion CLI. Since the skill forwards a Notion API token into that CLI and supports remote file/worker operations, the main concern is supply-chain and credential-forwarding risk rather than confirmed malware.