The Agent Skills Directory

Indirect Prompt Injection (HIGH): The skill possesses a high-risk attack surface for indirect prompt injection. It ingests untrusted data from Notion pages and has the capability to write back to the workspace (creating new pages). * Ingestion points: Data is pulled from the Notion workspace using tools like 'notion-fetch' and 'notion-query-data-sources' as demonstrated in 'examples/customer-meeting.md' and 'examples/sprint-planning.md'. * Boundary markers: There are no explicit boundary markers or instructions provided to the agent to ignore instructions embedded within the Notion content. * Capability inventory: The skill uses 'notion-create-pages' to generate documents, which could be manipulated into containing malicious content or executing unauthorized actions if the agent follows instructions injected into the source Notion pages. * Sanitization: No evidence of sanitization or validation of the fetched Notion content is found before it is interpolated into new documents.

notion-meeting-intelligence