notion-hub

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill communicates with the official Notion API (api.notion.com) using standard, well-known Python libraries (notion-client, httpx).
  • [SAFE]: Sensitive data protection is implemented in the _redact_user_pii function, which masks user email addresses to prevent PII leakage into the AI conversation.
  • [SAFE]: The script automatically redacts signed AWS tokens from internal Notion file URLs (S3 links) in both Markdown and raw block outputs, mitigating the risk of credential exposure.
  • [COMMAND_EXECUTION]: Provides a CLI script that is executed via the uv tool. Inputs like IDs and content are handled through structured arguments and validated via regex or the official SDK, reducing the risk of shell injection.
  • [EXTERNAL_DOWNLOADS]: Dependencies are fetched from the official Python Package Index (PyPI) using uv inline metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 02:15 AM