mmk-notion-database

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the mmk command-line tool, a vendor-specific resource from magic-meal-kits, to perform Notion database operations. These operations include schema retrieval, querying with filters, and bulk data manipulation.
  • [DATA_EXFILTRATION]: The skill supports reading data from the local filesystem via the --file flag in the insert, update, upsert, and delete commands. This allows the agent to read local JSON files and transmit their contents to Notion's cloud infrastructure.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it retrieves untrusted content from external Notion databases.
      • Ingestion points: Data is ingested through the query and schema commands in SKILL.md.
      • Boundary markers: The instructions do not define delimiters or specific safety instructions to isolate data retrieved from Notion.
      • Capability inventory: The skill has capabilities to modify Notion data (update, delete, upsert) and trigger AI workflows (ai-summary) based on the ingested content.
      • Sanitization: There is no evidence of content sanitization or validation performed on the records retrieved from external databases before they are processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 06:04 AM