The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes curl to interact with the Notion REST API and python3 to parse JSON responses into readable text. These operations are confined to official Notion API endpoints.
[EXTERNAL_DOWNLOADS]: Fetches external web content via r.jina.ai for link analysis when a Notion page contains primarily bookmarks. Jina AI is a recognized service used for extracting content in an LLM-friendly format.
[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it analyzes untrusted data from Notion page blocks and external websites. 1. Ingestion points: Notion page block content (SKILL.md) and web content fetched through Jina AI (SKILL.md). 2. Boundary markers: No explicit delimiters or instructions for the agent to ignore embedded commands within the fetched content are present. 3. Capability inventory: The skill possesses the ability to move Notion pages via API, execute shell commands, and perform network fetches. 4. Sanitization: No content validation or sanitization mechanisms are described.
[SAFE]: The skill implements secure credential management by guiding the user to store their Notion API token in local .env files rather than hardcoding secrets or passing them in plaintext.

nby-notion-smart-categorize