notion

Warn

Audited by Socket on Feb 25, 2026

1 alert found:

Security: MEDIUM
SKILL.md

The skill's stated purpose and requested capabilities align with legitimate Notion integration functionality. No explicit malicious code is present in the provided documentation. However, there are supply-chain and operational risks: install.sh is unspecified (could contain unsafe download/execute steps), passing tokens via command-line or placing them in an env file without guidance on secure permissions can leak credentials locally, and the webhook 'OpenClaw Gateway' could route data to an external party if misconfigured. Because the core implementation (notion-cli.js and install.sh) was not provided, the review cannot rule out credential forwarding or other malicious behaviors within those scripts. Recommend: inspect install.sh and notion-cli.js before running; avoid passing secrets on the command line on multi-user systems; restrict permissions on ~/.openclaw/.env; and verify webhook endpoints/gateway ownership before enabling webhook sync.

Confidence: 75%
Severity: 75%

Audit Metadata
Analyzed At: Feb 25, 2026, 04:11 AM
Package URL: pkg:socket/skills-sh/MoikasLabs%2Fopenclaw-notion-skill%2Fnotion%2F@4cee7ea9cfc9a608cee243666d787c23b79b1a0f