notion-docs
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified.
- Ingestion points: User-provided parameters such as projectName, title, and attendees in scripts/notion-templates.js are directly interpolated into Markdown strings used to create Notion pages.
- Boundary markers: While the templates use Markdown structure (headings, tables, callouts), they lack explicit delimiters or instructions to ignore embedded prompts in the generated content.
- Capability inventory: The skill utilizes Notion MCP tools (notion-create-pages, notion-create-database) to write structured content to a Notion workspace.
- Sanitization: No sanitization, escaping, or validation is performed on input variables before they are rendered into the final page body.
Audit Metadata