Trust Assessment
notion-api received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Potential Command Injection via `curl` examples.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 9b0e00ad). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Potential Command Injection via `curl` examples The skill provides numerous `curl` command examples for interacting with the Notion API. If an agent directly interpolates user-provided input (e.g., page IDs, search terms, content for pages/blocks) into these `curl` commands without proper shell escaping, it could lead to command injection. An attacker could craft malicious input that breaks out of the intended JSON payload or URL path and executes arbitrary shell commands on the host system. When constructing shell commands based on user input, ensure all user-controlled variables are properly escaped for the shell context. For JSON payloads, use a robust JSON serialization library to construct the payload, and then pass the complete, escaped JSON string to `curl`. Avoid direct string concatenation for command construction, especially when user input is involved. | LLM | SKILL.md:100 |
Scan History
Embed Code
[](https://skillshield.io/report/37b017bcbc3bd083)
Powered by SkillShield