notion
Warn
Audited by Snyk on Feb 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and processes user-generated Notion content via the documented API endpoints in SKILL.md (e.g., POST /notion/v1/search, GET /notion/v1/pages/{pageId}, GET /notion/v1/blocks/{blockId}/children), so untrusted third-party page content could be read and influence subsequent agent actions.
Audit Metadata