notion-sync
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION DATA_EXFILTRATION EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill contains no executable code, scripts, or binary files, consisting entirely of markdown instructions and metadata schemas.
- [NO_CODE]: No code was detected in the skill file.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes external Notion data for local file creation.
  - Ingestion points: External data from Notion databases like Projects, Roadmap, and Engineering Specs.
  - Boundary markers: No delimiters or instructions to ignore embedded content are specified.
  - Capability inventory: File writing and folder creation within the pm-workspace-docs/ directory.
  - Sanitization: No explicit data validation or sanitization steps are defined for external strings.
- [DATA_EXFILTRATION]: No unauthorized data transmission or credential exposure was found. Notion Database IDs are included for mapping but are not sensitive secrets.
- [EXTERNAL_DOWNLOADS]: The skill mentions Notion and Composio MCP tools, which are well-known and legitimate technology services.
Audit Metadata