notion

SUSPICIOUS: the skill’s overall purpose is coherent, but it relies on a third-party MCP client package rather than official Notion tooling and lets that client handle persisted OAuth credentials. This is not clearly malicious, yet the trust boundary and endpoint opacity make the skill higher risk than a normal official API integration.