← 返回 Skills 市场
devxoul

Vibe Notion

作者 Jeon Suyeol · GitHub ↗ · v1.5.0 · MIT-0
cross-platform ⚠ suspicious
871
总下载
0
收藏
0
当前安装
14
版本数
在 OpenClaw 中安装
/install vibe-notion
功能描述
Interact with Notion using the unofficial private API - pages, databases, blocks, search, users, comments
安全使用建议
This skill uses Notion's unofficial private API and the CLI auto-extracts your token_v2 from the Notion desktop app (it will read cookies/keychain and write credentials to ~/.config/vibe-notion/credentials.json). The package source/homepage is not provided in the metadata — verify the npm package (review its repository, author, and install scripts) before installing. Consider these steps before proceeding: - Prefer the official API (use vibe-notionbot) if you want lower-risk, auditable access. - Inspect the npm package source code and install scripts locally (or run in an isolated VM/container) to confirm what it reads/writes. - Be cautious about persistent memory: the agent is instructed to read/write ~/.config/vibe-notion/MEMORY.md containing workspace IDs, page titles, and other metadata — decide whether you accept persistent storage of this data. - If you proceed, limit exposure: run the CLI in a dedicated account/container, back up/inspect the credentials file, and avoid granting broader system access. If unsure, decline or seek a version with documented provenance and an official API integration.
功能分析
Type: OpenClaw Skill Name: vibe-notion Version: 1.5.0 The skill bundle facilitates Notion interaction via an unofficial private API, which involves high-risk automated extraction of 'token_v2' credentials from the Notion desktop app's local storage and system Keychain (on macOS). While this behavior is aligned with the stated purpose of the 'vibe-notion' CLI, the practice of programmatically accessing sensitive third-party application data and storing it in '~/.config/vibe-notion/credentials.json' presents a significant security risk. Additionally, 'SKILL.md' instructs the agent to maintain a persistent 'MEMORY.md' file for workspace metadata, which increases the local attack surface for sensitive information disclosure.
能力评估
Purpose & Capability
Name/description match the required binary and CLI behavior (a CLI that talks to Notion's private API). Requiring a vibe-notion binary installed from the node package is proportionate. However, the skill relies on auto-extraction of token_v2 from the Notion desktop app (accessing local cookies/keychain) — that capability is not expressed as an explicit declared requirement or credential and the package source/homepage is missing, which reduces provenance and increases risk.
Instruction Scope
SKILL.md instructs the agent to read ~/.config/vibe-notion/MEMORY.md at the start of every task and to write the full file contents when updating memory; it also instructs storing workspace IDs, page titles, database structure and aliases. That gives the agent persistent, broad access to potentially sensitive workspace metadata (and possibly titles/content). The templates/scripts also run shell commands and assume jq is present. These persistent read/write instructions broaden the data the agent will access beyond single commands and could leak sensitive information if mishandled.
Install Mechanism
Install uses an npm package ('vibe-notion') which is a common pattern but carries moderate risk because npm packages execute arbitrary code at install/runtime. The skill metadata lacks a homepage/source URL for verification, so package provenance cannot be confirmed here — review the npm package source and maintainers before installing.
Credentials
No environment variables are required (consistent with token auto-extraction), but the CLI's behavior of extracting and storing token_v2 implies access to local cookies/keychain and writing ~/.config/vibe-notion/credentials.json. Those credential-accessing behaviors are sensitive and are not surfaced as required env vars or explicit privileges in the registry metadata. The agent is asked to persist workspace identifiers and human-readable titles, which may expose sensitive metadata.
Persistence & Privilege
always:false and the skill does not attempt to modify other skills or global agent configuration, which is good. However, it asks the agent to maintain a persistent memory file in ~/.config/vibe-notion/MEMORY.md and documents a credentials file (~/.config/vibe-notion/credentials.json) created by the CLI. Persistent storage of workspace/page metadata increases blast radius if the agent or filesystem is compromised — consider whether you want a skill that stores this data persistently.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install vibe-notion
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /vibe-notion 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.5.0
v1.5.0 adds changes to SKILL.md documentation only. - Updated version to 1.5.0. - No changes to functionality or code; only documentation was affected.
v1.4.0
v1.4.0 of vibe-notion is a documentation update: - Updated SKILL.md to refine and clarify instructions, best practices, and usage notes. - Version number incremented to 1.4.0. - No code or functionality changes; documentation only.
v1.3.1
vibe-notion 1.3.1 - Updated SKILL.md to increment version number from 1.3.0 to 1.3.1. - No changes to code or functionality; documentation version bump only.
v1.3.0
v1.3.0 includes documentation updates. - Updated SKILL.md for improved instructions and details - Clarified usage of the memory file and best practices - Enhanced example structures for memory management - No changes to code or CLI commands in this version
v1.2.2
v1.2.2 - Updated SKILL.md documentation only. - Clarified usage, memory management, and command guidelines for the `vibe-notion` CLI. - No changes to code or CLI functionality.
v1.2.1
v1.2.1 is a documentation update. - Updated version number in SKILL.md from 1.2.0 to 1.2.1. - No functional changes to the skill code or behavior.
v1.2.0
Version 1.2.0 of vibe-notion introduces new reference documentation and updates guidance for batch operations. - Added detailed reference files: `batch-operations.md`, `block-types.md`, and `output-format.md` - Updated SKILL.md with direct links to new batch operation documentation - Clarified instructions for handling bulk operations using the `batch` command
v0.9.0
- Bumped version to 0.9.0. - Updated SKILL.md with the new version number; no other changes detected.
v0.8.1
- Added Bash templates for page creation, page reading, database querying, and workspace overview. - Updated documentation to reflect new functionality. - Incremented version to 0.8.1.
v0.8.0
v0.8.0 expands view management capabilities. - Added support for `view-list`, `view-add`, and `view-delete` CLI commands. - Updated documentation to reflect new view management commands.
v0.6.0
v0.6.0 is a version bump and documentation update. - Updated SKILL.md to reflect version 0.6.0 (was 0.5.3). - No functional or CLI command changes in this release.
v0.5.3
- Added a new section detailing the difference between the `vibe-notion` CLI (private API) and `vibe-notionbot` CLI (official API), including a decision flow and feature comparison table. - Clarified the intended use case for each CLI and the conditions under which to choose one over the other. - No functional or command changes; documentation only.
v0.5.2
- Bumped version to 0.5.2. - Documentation updated in SKILL.md; no functional changes to code. - SKILL.md now reflects latest usage instructions and guidance.
v0.5.1
vibe-notion 0.5.1 - Skill now has detailed guidelines on using the CLI tool safely and effectively, especially for AI-agent memory management. - Emphasized to never call the Notion private API directly—always use the provided CLI. - Added clear instructions and examples for persistent memory usage and structure in MEMORY.md. - Outlined safe ways to handle authentication, workspaces, and bulk operations. - Updated usage examples and command references for pages, databases, and bulk operations. - Reiterated user privacy best practices, especially when suggesting feature requests.
元数据
Slug vibe-notion
版本 1.5.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 14
常见问题

Vibe Notion 是什么?

Interact with Notion using the unofficial private API - pages, databases, blocks, search, users, comments. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 871 次。

如何安装 Vibe Notion?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install vibe-notion」即可一键安装,无需额外配置。

Vibe Notion 是免费的吗?

是的,Vibe Notion 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Vibe Notion 支持哪些平台?

Vibe Notion 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Vibe Notion?

由 Jeon Suyeol(@devxoul)开发并维护,当前版本 v1.5.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论