notion-operations
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the skill instructions and code templates found no evidence of malicious behavior, obfuscation, or unauthorized access.
- [COMMAND_EXECUTION]: The provided code snippets use the standard Node.js
httpsmodule to interact with external services. These operations are restricted to Notion's official API endpoints (api.notion.com) for legitimate integration purposes. - [EXTERNAL_DOWNLOADS]: The skill references Notion's API infrastructure for database operations. This is a well-known service, and the usage is consistent with the skill's documented purpose.
- [PROMPT_INJECTION]: The skill documents a data synchronization workflow that creates a surface for indirect prompt injection.
- Ingestion points: Data is retrieved from source databases using
queryNotionDatabaseinSKILL.md. - Boundary markers: No delimiters or instructions to ignore embedded content are present in the synchronization implementation examples.
- Capability inventory: The skill defines write capabilities to Notion via
createNotionPageandupdateNotionPagefunctions. - Sanitization: No sanitization, escaping, or validation of source content is performed before interpolation into target properties.
Audit Metadata