notion
Warn
Audited by Snyk on Mar 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch user-generated Notion content (e.g., GET /v1/pages/{page_id}, GET /v1/blocks/{page_id}/children, POST /v1/search) so the agent will read third‑party/notion workspace content that could influence subsequent actions.
Audit Metadata