notion-cli

SUSPICIOUS. The skill’s Notion-focused capabilities are mostly aligned with its stated purpose, but the trust model is weak: it installs a third-party CLI from a Homebrew tap and forwards a live Notion API token from Doppler directly into that binary. With no provided evidence that the binary is officially published, open-source, and verifiably controlled by the same publisher, this meets the high-risk credential-forwarding pattern for AI skills.