better-notion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent uses the Notion API to fetch and read user-generated content (e.g., "Get page", "Get page blocks", "Search" examples) from third‑party Notion pages/databases, which the agent would interpret and can drive subsequent create/update/delete actions, so those pages could contain instructions that materially influence behavior.