Skip to main content

notion

Integrates with Notion to manage content, track projects, and enhance collaboration through database queries and page management.

Install this skill

or
0/100

Security score

The notion skill was audited on Feb 9, 2026 and we found 62 security issues across 4 threat categories, including 15 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 54

Direct command execution function call

SourceSKILL.md
54await exec({
high line 59

Direct command execution function call

SourceSKILL.md
59await exec({
high line 72

Direct command execution function call

SourceSKILL.md
72await exec({
high line 89

Direct command execution function call

SourceSKILL.md
89await exec({
high line 102

Direct command execution function call

SourceSKILL.md
102await exec({
high line 110

Direct command execution function call

SourceSKILL.md
110await exec({
high line 121

Direct command execution function call

SourceSKILL.md
121await exec({
high line 141

Direct command execution function call

SourceSKILL.md
141await exec({
high line 152

Direct command execution function call

SourceSKILL.md
152await exec({
high line 176

Direct command execution function call

SourceSKILL.md
176await exec({
high line 195

Direct command execution function call

SourceSKILL.md
195await exec({
high line 218

Direct command execution function call

SourceSKILL.md
218await exec({
high line 460

Direct command execution function call

SourceSKILL.md
460await exec({
high line 465

Direct command execution function call

SourceSKILL.md
465await exec({
high line 472

Direct command execution function call

SourceSKILL.md
472await exec({
medium line 55

Template literal with variable interpolation in command context

SourceSKILL.md
55command: `node ~/.agents/skills/notion/notion-cli.js query-database ${databaseId}`
medium line 60

Template literal with variable interpolation in command context

SourceSKILL.md
60command: `node ~/.agents/skills/notion/notion-cli.js query-database ${databaseId} --filter '{"property":"Status","select":{"equals":"In Progress"}}'`
medium line 73

Template literal with variable interpolation in command context

SourceSKILL.md
73command: `node ~/.agents/skills/notion/notion-cli.js add-entry ${databaseId} \
medium line 90

Template literal with variable interpolation in command context

SourceSKILL.md
90command: `node ~/.agents/skills/notion/notion-cli.js get-page ${pageId}`
medium line 103

Template literal with variable interpolation in command context

SourceSKILL.md
103command: `node ~/.agents/skills/notion/notion-cli.js update-page ${pageId} \
medium line 111

Template literal with variable interpolation in command context

SourceSKILL.md
111command: `node ~/.agents/skills/notion/notion-cli.js append-body ${pageId} \
medium line 142

Template literal with variable interpolation in command context

SourceSKILL.md
142command: `node ~/.agents/skills/notion/notion-cli.js add-entry ${contentDbId} \
medium line 153

Template literal with variable interpolation in command context

SourceSKILL.md
153command: `node ~/.agents/skills/notion/notion-cli.js update-page ${entryId} \
medium line 177

Template literal with variable interpolation in command context

SourceSKILL.md
177command: `node ~/.agents/skills/notion/notion-cli.js query-database ${projectsDbId} --filter '{"property":"Status","select":{"equals":"In Progress"}}'`
medium line 196

Template literal with variable interpolation in command context

SourceSKILL.md
196command: `node ~/.agents/skills/notion/notion-cli.js add-entry ${crmDbId} \
medium line 426

Webhook reference - potential data exfiltration

SourceSKILL.md
426## Advanced: Webhook Sync
medium line 430

Webhook reference - potential data exfiltration

SourceSKILL.md
4301. Set up Notion webhook integration (requires Notion partner account)
medium line 431

Webhook reference - potential data exfiltration

SourceSKILL.md
4312. Configure webhook endpoint to your OpenClaw Gateway
medium line 432

Webhook reference - potential data exfiltration

SourceSKILL.md
4323. Skill processes incoming webhooks and updates memory files
medium line 434

Webhook reference - potential data exfiltration

SourceSKILL.md
434See [references/webhooks.md](references/webhooks.md) for implementation details.
low line 55

Access to hidden dotfiles in home directory

SourceSKILL.md
55command: `node ~/.agents/skills/notion/notion-cli.js query-database ${databaseId}`
low line 60

Access to hidden dotfiles in home directory

SourceSKILL.md
60command: `node ~/.agents/skills/notion/notion-cli.js query-database ${databaseId} --filter '{"property":"Status","select":{"equals":"In Progress"}}'`
low line 73

Access to hidden dotfiles in home directory

SourceSKILL.md
73command: `node ~/.agents/skills/notion/notion-cli.js add-entry ${databaseId} \
low line 90

Access to hidden dotfiles in home directory

SourceSKILL.md
90command: `node ~/.agents/skills/notion/notion-cli.js get-page ${pageId}`
low line 103

Access to hidden dotfiles in home directory

SourceSKILL.md
103command: `node ~/.agents/skills/notion/notion-cli.js update-page ${pageId} \
low line 111

Access to hidden dotfiles in home directory

SourceSKILL.md
111command: `node ~/.agents/skills/notion/notion-cli.js append-body ${pageId} \
low line 122

Access to hidden dotfiles in home directory

SourceSKILL.md
122command: `node ~/.agents/skills/notion/notion-cli.js search "content ideas"`
low line 142

Access to hidden dotfiles in home directory

SourceSKILL.md
142command: `node ~/.agents/skills/notion/notion-cli.js add-entry ${contentDbId} \
low line 153

Access to hidden dotfiles in home directory

SourceSKILL.md
153command: `node ~/.agents/skills/notion/notion-cli.js update-page ${entryId} \
low line 177

Access to hidden dotfiles in home directory

SourceSKILL.md
177command: `node ~/.agents/skills/notion/notion-cli.js query-database ${projectsDbId} --filter '{"property":"Status","select":{"equals":"In Progress"}}'`
low line 196

Access to hidden dotfiles in home directory

SourceSKILL.md
196command: `node ~/.agents/skills/notion/notion-cli.js add-entry ${crmDbId} \
low line 219

Access to hidden dotfiles in home directory

SourceSKILL.md
219command: `node ~/.agents/skills/notion/notion-cli.js search "stringing"`
medium line 271

Access to hidden dotfiles in home directory

SourceSKILL.md
271- ✅ Token stored securely in `~/.openclaw/.env` (never in code)
medium line 283

Access to hidden dotfiles in home directory

SourceSKILL.md
283Add to `~/.openclaw/.env`:
low line 307

Access to hidden dotfiles in home directory

SourceSKILL.md
307cd ~/.agents/skills/notion
low line 313

Access to hidden dotfiles in home directory

SourceSKILL.md
313cd ~/.agents/skills/notion
low line 322

Access to hidden dotfiles in home directory

SourceSKILL.md
322# After setting NOTION_TOKEN in ~/.openclaw/.env
low line 446

Access to hidden dotfiles in home directory

SourceSKILL.md
446cd ~/.agents/skills/notion
low line 450

Access to hidden dotfiles in home directory

SourceSKILL.md
450echo "NOTION_TOKEN=secret_xxxxxxxxxx" >> ~/.openclaw/.env
low line 461

Access to hidden dotfiles in home directory

SourceSKILL.md
461command: `node ~/.agents/skills/notion/notion-cli.js query-database YOUR_DB_ID`
low line 466

Access to hidden dotfiles in home directory

SourceSKILL.md
466command: `node ~/.agents/skills/notion/notion-cli.js add-entry YOUR_DB_ID \\
low line 473

Access to hidden dotfiles in home directory

SourceSKILL.md
473command: `node ~/.agents/skills/notion/notion-cli.js search "tree support"`
low line 483

Access to hidden dotfiles in home directory

SourceSKILL.md
483node ~/.agents/skills/notion/notion-cli.js add-entry DB_ID
medium line 271

Access to .env file

SourceSKILL.md
271- ✅ Token stored securely in `~/.openclaw/.env` (never in code)
medium line 283

Access to .env file

SourceSKILL.md
283Add to `~/.openclaw/.env`:
low line 322

Access to .env file

SourceSKILL.md
322# After setting NOTION_TOKEN in ~/.openclaw/.env
low line 450

Access to .env file

SourceSKILL.md
450echo "NOTION_TOKEN=secret_xxxxxxxxxx" >> ~/.openclaw/.env
low line 23

External URL reference

SourceSKILL.md
231. Go to [notion.so/my-integrations](https://www.notion.so/my-integrations)
low line 41

External URL reference

SourceSKILL.md
41- Database: `https://www.notion.so/workspace/XXXXXXXX?v=...` → ID is `XXXXXXXX` (32 chars)
low line 42

External URL reference

SourceSKILL.md
42- Page: `https://www.notion.so/workspace/XXXXXXXX` → ID is `XXXXXXXX`
low line 257

External URL reference

SourceSKILL.md
257{ "url": "https://example.com" }
low line 438

External URL reference

SourceSKILL.md
438**Need help?** Check your Notion integration settings at https://www.notion.so/my-integrations
Scanned on Feb 9, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categorymarketing
UpdatedApril 4, 2026
openclawnotioncontent-marketergrowth-marketerproduct-managerproject-managercustomer-success-managernotionmarketingproductproject managementsales
openclaw/skills