notion-cli

SUSPICIOUS: the skill’s purpose broadly matches its capabilities, but it relies on a third-party CLI and a pipe-to-shell installer from a custom domain, then routes a Notion API token and potentially local files/project contents through that tool. This is not clearly malicious, but the install trust and credential-forwarding model are disproportionate compared with using Notion’s official API directly.