Is ewingyangs/notion-clipper-skill safe?

https://github.com/openclaw/skills/tree/main/skills/ewingyangs/notion-clipper-skill

81
SAFE

This is a legitimate web clipping tool for Notion that uses Chrome CDP to capture and convert web pages. While functionally sound with no malicious intent detected, it involves significant system access through browser execution and network operations that users should understand.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 70/100 · 25%
Code Execution 60/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (5)

HIGH Chrome Browser Execution -25

Skill launches Chrome browser with CDP access, providing significant system capabilities including access to user browsing data, cookies, and ability to make arbitrary network requests.

MEDIUM Browser System Access -20

Chrome browser instance has broad system access and could potentially access user data beyond what's necessary for web clipping functionality.

MEDIUM Network Request Capabilities -15

Skill can make arbitrary HTTP requests to user-provided URLs and external APIs, which could be misused for network reconnaissance or data exfiltration.

MEDIUM API Key Storage Requirement -10

Requires storing Notion API key in filesystem at ~/.config/notion/api_key, which could be accessed by other processes if compromised.

LOW Complex Instruction Set -5

Detailed command patterns and environment variable handling could potentially be misinterpreted by agents in edge cases.