Notion Pipeline
Author: omermesebuken1 · v0.1.0 · MIT-0
Total downloads: 114
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install notion-pipeline
Description
Use when the night-shift agents need to validate Notion env, query a Notion database, create or update pages, or append blocks in the idea-factory databases.
Security usage advice
This skill appears to implement legitimate Notion workflows, but there are several red flags you should address before installing or running it:
- Metadata mismatch: The registry declares no required environment variables or primary credential, but SKILL.md and the scripts require OPENCLAW_NOTION_TOKEN and several OPENCLAW_NOTION_DB_* variables. Do not provide your Notion token until this is fixed/clarified.
- Hard-coded user paths: The code reads/writes /Users/dellymac/.openclaw/secrets/notion.env and /Users/dellymac/.openclaw/cron/jobs.json. If that path exists on your machine, it will be used; if not, the code may fail. Ask the author to make these paths configurable (or confirm they match your environment) before running.
- Secret persistence: bootstrap_factory.mjs will write your token and DB IDs to the local env file. If you proceed, review local_env.mjs to confirm file permissions and consider running in an isolated account or container.
- Unexpected TELEGRAM default: The code writes OPENCLAW_TELEGRAM_TARGET with a default numeric value. Confirm why a Telegram target is set and whether the skill will contact Telegram or other services (search the rest of factory_ops.mjs for network/spawn usage).
- Execution capabilities: factory_ops.mjs imports child_process.spawn (indicates potential to run other programs). Search the full file for spawn usage and any external integrations before giving the token to this skill.
Recommended actions:
- Ask the skill author to update registry metadata to list required env vars and primary credential.
- Request that paths be configurable (not hard-coded to another user's home).
- Review the remainder of factory_ops.mjs for any spawn/exec calls or external endpoints beyond Notion.
- If you must test, run in an isolated environment (throwaway user account or container) and use a Notion token with minimal scope. Keep a copy of the code and verify behavior before trusting it with production credentials.
Functional analysis
Type: OpenClaw Skill
Name: notion-pipeline
Version: 0.1.0
The skill bundle contains high-risk capabilities including the use of 'child_process.spawn' in 'factory_ops.mjs' to execute system commands and schedule 'openclaw' cron jobs. It features hardcoded absolute paths to a specific user's home directory ('/Users/dellymac') across multiple files (SKILL.md, factory_ops.mjs, local_env.mjs), which is a privacy leak and indicates a lack of environment isolation. Furthermore, 'factory_ops.mjs' dynamically generates complex multi-step instructions for other agents that include shell commands ('mkdir -p') and automated messaging, creating a significant attack surface for lateral movement or unauthorized persistence within the OpenClaw environment.
Capability assessment
Purpose & Capability
Name/description match the code: scripts call api.notion.com and implement DB/query/create/update/append operations. However the registry lists no required env/credentials while SKILL.md and the scripts require OPENCLAW_NOTION_TOKEN and several OPENCLAW_NOTION_DB_* IDs; that metadata mismatch is incoherent. Also the scripts set a default OPENCLAW_TELEGRAM_TARGET and OPENCLAW_TIMEZONE which are outside the stated Notion-only purpose.
Instruction Scope
SKILL.md instructs the agent to load a local env file at /Users/dellymac/.openclaw/secrets/notion.env. The code (local_env.mjs, bootstrap_factory.mjs, notion_api.mjs, factory_ops.mjs) reads/writes that file and another user-scoped path (/Users/dellymac/.openclaw/cron/jobs.json). Reading/writing user-home files and persisting tokens is beyond simple API glue and is a non-portable, user-specific side-effect that should be called out.
Install Mechanism
No install spec is provided (instruction-only). That is low-risk from an installer perspective — the scripts are present and run with node. There are no downloads or external installers in the bundle.
Credentials
The skill's registry metadata declares no required env vars or primary credential, but SKILL.md and the code clearly require OPENCLAW_NOTION_TOKEN and multiple OPENCLAW_NOTION_DB_* variables. The code also writes OPENCLAW_TELEGRAM_TARGET (default '1565027149') into the local env file — introducing a third-party identifier without explanation. Requiring and persisting a Notion token is proportional to Notion DB ops, but the omission from metadata and the unexpected Telegram default are inconsistent and concerning.
Persistence & Privilege
The scripts persist credentials and DB IDs to a fixed path under /Users/dellymac/.openclaw/secrets/notion.env and write with 0600 permissions. Persisting tokens locally is a normal design choice for CLI helpers, but the hard-coded, user-specific path and creation/modification of files in that location are surprising for a generic skill and could cause accidental credential persistence if the path matches a real user. The code also references a cron jobs file under that same hard-coded user path, indicating broader local state access.
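How to use
- Make sure OpenClaw is installed (locally or via a Docker deployment)
- Enter the install command in the chat box: /install notion-pipeline
- Once installation completes, call the Skill by name or use /notion-pipeline to trigger it
- Provide the required input according to the Skill's parameter description to get structured output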
Version history
v0.1.0
Initial publish
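FAQ
What is Notion Pipeline?
Use when the night-shift agents need to validate Notion env, query a Notion database, create or update pages, or append blocks in the idea-factory databases. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 114 cumulative downloads to date.
How do I install Notion Pipeline?
Run the command "/install notion-pipeline" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is Notion Pipeline free?
Yes, Notion Pipeline is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.
Which platforms does Notion Pipeline support?
Notion Pipeline is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Notion Pipeline?
It is developed and maintained by omermesebuken1 (@omermesebuken1); the current version is v0.1.0.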