← Back to Skills Marketplace
devxoul

Vibe Notion

by Jeon Suyeol · GitHub ↗ · v1.5.0 · MIT-0
cross-platform ⚠ suspicious
871
Downloads
0
Stars
0
Active Installs
14
Versions
Install in OpenClaw
/install vibe-notion
Description
Interact with Notion using the unofficial private API - pages, databases, blocks, search, users, comments
Usage Guidance
This skill uses Notion's unofficial private API and the CLI auto-extracts your token_v2 from the Notion desktop app (it will read cookies/keychain and write credentials to ~/.config/vibe-notion/credentials.json). The package source/homepage is not provided in the metadata — verify the npm package (review its repository, author, and install scripts) before installing. Consider these steps before proceeding: - Prefer the official API (use vibe-notionbot) if you want lower-risk, auditable access. - Inspect the npm package source code and install scripts locally (or run in an isolated VM/container) to confirm what it reads/writes. - Be cautious about persistent memory: the agent is instructed to read/write ~/.config/vibe-notion/MEMORY.md containing workspace IDs, page titles, and other metadata — decide whether you accept persistent storage of this data. - If you proceed, limit exposure: run the CLI in a dedicated account/container, back up/inspect the credentials file, and avoid granting broader system access. If unsure, decline or seek a version with documented provenance and an official API integration.
Capability Analysis
Type: OpenClaw Skill Name: vibe-notion Version: 1.5.0 The skill bundle facilitates Notion interaction via an unofficial private API, which involves high-risk automated extraction of 'token_v2' credentials from the Notion desktop app's local storage and system Keychain (on macOS). While this behavior is aligned with the stated purpose of the 'vibe-notion' CLI, the practice of programmatically accessing sensitive third-party application data and storing it in '~/.config/vibe-notion/credentials.json' presents a significant security risk. Additionally, 'SKILL.md' instructs the agent to maintain a persistent 'MEMORY.md' file for workspace metadata, which increases the local attack surface for sensitive information disclosure.
Capability Assessment
Purpose & Capability
Name/description match the required binary and CLI behavior (a CLI that talks to Notion's private API). Requiring a vibe-notion binary installed from the node package is proportionate. However, the skill relies on auto-extraction of token_v2 from the Notion desktop app (accessing local cookies/keychain) — that capability is not expressed as an explicit declared requirement or credential and the package source/homepage is missing, which reduces provenance and increases risk.
Instruction Scope
SKILL.md instructs the agent to read ~/.config/vibe-notion/MEMORY.md at the start of every task and to write the full file contents when updating memory; it also instructs storing workspace IDs, page titles, database structure and aliases. That gives the agent persistent, broad access to potentially sensitive workspace metadata (and possibly titles/content). The templates/scripts also run shell commands and assume jq is present. These persistent read/write instructions broaden the data the agent will access beyond single commands and could leak sensitive information if mishandled.
Install Mechanism
Install uses an npm package ('vibe-notion') which is a common pattern but carries moderate risk because npm packages execute arbitrary code at install/runtime. The skill metadata lacks a homepage/source URL for verification, so package provenance cannot be confirmed here — review the npm package source and maintainers before installing.
Credentials
No environment variables are required (consistent with token auto-extraction), but the CLI's behavior of extracting and storing token_v2 implies access to local cookies/keychain and writing ~/.config/vibe-notion/credentials.json. Those credential-accessing behaviors are sensitive and are not surfaced as required env vars or explicit privileges in the registry metadata. The agent is asked to persist workspace identifiers and human-readable titles, which may expose sensitive metadata.
Persistence & Privilege
always:false and the skill does not attempt to modify other skills or global agent configuration, which is good. However, it asks the agent to maintain a persistent memory file in ~/.config/vibe-notion/MEMORY.md and documents a credentials file (~/.config/vibe-notion/credentials.json) created by the CLI. Persistent storage of workspace/page metadata increases blast radius if the agent or filesystem is compromised — consider whether you want a skill that stores this data persistently.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install vibe-notion
  3. After installation, invoke the skill by name or use /vibe-notion
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.5.0
v1.5.0 adds changes to SKILL.md documentation only. - Updated version to 1.5.0. - No changes to functionality or code; only documentation was affected.
v1.4.0
v1.4.0 of vibe-notion is a documentation update: - Updated SKILL.md to refine and clarify instructions, best practices, and usage notes. - Version number incremented to 1.4.0. - No code or functionality changes; documentation only.
v1.3.1
vibe-notion 1.3.1 - Updated SKILL.md to increment version number from 1.3.0 to 1.3.1. - No changes to code or functionality; documentation version bump only.
v1.3.0
v1.3.0 includes documentation updates. - Updated SKILL.md for improved instructions and details - Clarified usage of the memory file and best practices - Enhanced example structures for memory management - No changes to code or CLI commands in this version
v1.2.2
v1.2.2 - Updated SKILL.md documentation only. - Clarified usage, memory management, and command guidelines for the `vibe-notion` CLI. - No changes to code or CLI functionality.
v1.2.1
v1.2.1 is a documentation update. - Updated version number in SKILL.md from 1.2.0 to 1.2.1. - No functional changes to the skill code or behavior.
v1.2.0
Version 1.2.0 of vibe-notion introduces new reference documentation and updates guidance for batch operations. - Added detailed reference files: `batch-operations.md`, `block-types.md`, and `output-format.md` - Updated SKILL.md with direct links to new batch operation documentation - Clarified instructions for handling bulk operations using the `batch` command
v0.9.0
- Bumped version to 0.9.0. - Updated SKILL.md with the new version number; no other changes detected.
v0.8.1
- Added Bash templates for page creation, page reading, database querying, and workspace overview. - Updated documentation to reflect new functionality. - Incremented version to 0.8.1.
v0.8.0
v0.8.0 expands view management capabilities. - Added support for `view-list`, `view-add`, and `view-delete` CLI commands. - Updated documentation to reflect new view management commands.
v0.6.0
v0.6.0 is a version bump and documentation update. - Updated SKILL.md to reflect version 0.6.0 (was 0.5.3). - No functional or CLI command changes in this release.
v0.5.3
- Added a new section detailing the difference between the `vibe-notion` CLI (private API) and `vibe-notionbot` CLI (official API), including a decision flow and feature comparison table. - Clarified the intended use case for each CLI and the conditions under which to choose one over the other. - No functional or command changes; documentation only.
v0.5.2
- Bumped version to 0.5.2. - Documentation updated in SKILL.md; no functional changes to code. - SKILL.md now reflects latest usage instructions and guidance.
v0.5.1
vibe-notion 0.5.1 - Skill now has detailed guidelines on using the CLI tool safely and effectively, especially for AI-agent memory management. - Emphasized to never call the Notion private API directly—always use the provided CLI. - Added clear instructions and examples for persistent memory usage and structure in MEMORY.md. - Outlined safe ways to handle authentication, workspaces, and bulk operations. - Updated usage examples and command references for pages, databases, and bulk operations. - Reiterated user privacy best practices, especially when suggesting feature requests.
Metadata
Slug vibe-notion
Version 1.5.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 14
Frequently Asked Questions

What is Vibe Notion?

Interact with Notion using the unofficial private API - pages, databases, blocks, search, users, comments. It is an AI Agent Skill for Claude Code / OpenClaw, with 871 downloads so far.

How do I install Vibe Notion?

Run "/install vibe-notion" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Vibe Notion free?

Yes, Vibe Notion is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Vibe Notion support?

Vibe Notion is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Vibe Notion?

It is built and maintained by Jeon Suyeol (@devxoul); the current version is v1.5.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments