Skip to content

feat: add notion-agent example#4

Open
larsen66 wants to merge 1 commit intomainfrom
feat/notion-agent
Open

feat: add notion-agent example#4
larsen66 wants to merge 1 commit intomainfrom
feat/notion-agent

Conversation

@larsen66
Copy link
Contributor

@larsen66 larsen66 commented Mar 12, 2026

Notion workspace assistant that lets users connect their own integration key via UI and interact with pages, databases, and blocks through chat.

Key implementation details:

  • Uses runtime: "claude-code" with bash/node calls to Notion API directly
  • Injects NOTION_API_KEY via envs option in sandboxes.create() — not files, because the platform overwrites /home/user/.env with relay config
  • Wraps all async bash in IIFE to avoid ERR_AMBIGUOUS_MODULE_SYNTAX on Node 24
  • Saves Notion key + sessions to localStorage for returning users

@claude
feat: add notion-agent example
d1c656f 
Notion workspace assistant that lets users connect their own integration
key via UI and interact with pages, databases, and blocks through chat.

Key implementation details:
- Uses runtime: "claude-code" with bash/node calls to Notion API directly
- Injects NOTION_API_KEY via envs option in sandboxes.create() — not files,
  because the platform overwrites /home/user/.env with relay config
- Wraps all async bash in IIFE to avoid ERR_AMBIGUOUS_MODULE_SYNTAX on Node 24
- Saves Notion key + sessions to localStorage for returning users

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@vercel
Copy link

vercel bot commented Mar 12, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
21st-sdk-email-agent Ready Ready Preview, Comment Mar 12, 2026 5:19am
21st-sdk-fill-form Ready Ready Preview, Comment Mar 12, 2026 5:19am
21st-sdk-monitor-agent Ready Ready Preview, Comment Mar 12, 2026 5:19am
21st-sdk-nextjs-chat Ready Ready Preview, Comment Mar 12, 2026 5:19am
21st-sdk-nia-chat Ready Ready Preview, Comment Mar 12, 2026 5:19am
21st-sdk-note-taker Ready Ready Preview, Comment Mar 12, 2026 5:19am
21st-sdk-web-scraper Ready Ready Preview, Comment Mar 12, 2026 5:19am

Request Review

chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Mar 12, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d1c656f494

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

notion-agent/.env.example
@@ -0,0 +1,6 @@
# 21st SDK credentials (https://21st.dev/agents/api-keys)
API_KEY_21ST=an_sk_3d11e249701bd71aeb4ec039f8062520af1a4f11099fd69283476d6881690263
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Remove hardcoded API key from env template

The example env file checks in a concrete an_sk_... credential instead of a placeholder, which exposes that account to unauthorized use and makes it easy for anyone cloning the repo to accidentally run sandboxes against someone else’s billing quota. Replace it with a non-secret placeholder (for example an_sk_your_key_here) and rotate the leaked key.

Useful? React with 👍 / 👎.

notion-agent/app/api/agent/sandbox/route.ts
Comment on lines +12 to +13
const sandbox = await client.sandboxes.create({
agent: NOTION_AGENT_NAME,
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Add authentication before sandbox creation

This endpoint performs sandboxes.create directly with the server API key but does not enforce any authentication/authorization first, so a public deployment can be abused by arbitrary callers to create unbounded sandboxes and burn account quota/cost. Add a user/session check (and ideally rate limiting) before this call.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@larsen66