notion-spec-to-implementation
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- Notion Integration & Data Processing: The skill is designed to search for, fetch, and update content within a user's Notion workspace. This involves reading external specifications and writing new pages or tasks. While this creates a surface for processing untrusted data (Indirect Prompt Injection), the skill's instructions focus on structured extraction and template-based generation, which is consistent with its intended project management purpose.
- Task and Plan Generation: The skill generates implementation plans and database entries based on the parsed specifications. It uses specific templates for phases, acceptance criteria, and technical approaches. Users should review the generated content to ensure it accurately reflects the source specification without unintended instructions.
- Tool Usage Constraints: The workflow utilizes standard Notion tools (
notion-search,notion-fetch,notion-create-pages,notion-update-page). Access to these tools is managed by the platform's permission model, ensuring the skill operates within the authorized scope of the connected Notion account.
Audit Metadata