notion-database-architect
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill facilitates data management between the agent and the Notion API, utilizing standard integration patterns for structural data organization.
- [PROMPT_INJECTION]: The skill processes unstructured user input, such as Markdown text and tables, to create Notion database entries. This presents a standard surface for indirect prompt injection where instructions embedded in the user data could potentially influence agent behavior.
  - Ingestion points: External Markdown text, headers, and tables provided by the user (SKILL.md).
  - Boundary markers: Absent; the instructions do not define specific delimiters or warnings to ignore commands embedded within the processed data.
  - Capability inventory: The skill utilizes Notion API endpoints to create pages and databases (POST /v1/pages, POST /v1/databases).
  - Sanitization: The skill defines mapping logic for boolean (checkbox) values but lacks comprehensive sanitization or validation for free-text string fields.