skills/terrylica/cc-skills/notion-sdk/Gen Agent Trust Hub

notion-sdk

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the official notion-client SDK (v2.6.0+), a well-known library for Notion API integration. This dependency comes from a recognized service provider and is used in line with SDK best practices.
  • [SAFE]: Integration tokens are collected from the user via the AskUserQuestion tool during the preflight phase. This ensures that sensitive credentials are provided by the user and are not hardcoded within the skill's source code or tests.
  • [SAFE]: The skill reads content from Notion databases and pages, which constitutes an ingestion point for indirect prompt injection. However, the skill's capabilities are strictly limited to Notion API operations (create, update, query). Because it cannot execute arbitrary code or shell commands based on the ingested content, the risk associated with this attack vector is minimized.
  • [COMMAND_EXECUTION]: Local Python scripts are used to wrap Notion API functionality. These scripts are executed via the Bash tool to perform specific integration tasks, with no evidence of unsafe command construction, privilege escalation, or access to sensitive local environment variables.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 09:51 AM