Home/notion-cookbook/Trust report

Trust and health report

notion-cookbook - trust report

Sourced, dated trust signals - maintenance label posture, repository provenance, and security scan status. Not a composite safety grade.

GraphCanon updated today · GitHub synced today

Maintenance

Recency and activity heuristics from public GitHub metadata (maintenance label, momentum); methodology: github_public_v1.

Very active96% signal

last push 3d ago

Provenance

Repository identity and fork provenance (github_public_v1).

  • GitHub repo id: 1089671651
  • Not a fork
  • Verified publisher: organization account
  • Computed today

Security scan

Dependency advisory security scan when a lockfile is present. Not a full code audit.

Status
13 low
Last scan
today
Scanner
osv@v1

Findings

GHSA-f886-m6hf-6m8v
brace-expansion@2.0.2 · package-lock.json
GHSA-5j98-mcp5-4vw2
glob@10.3.16 · package-lock.json
GHSA-h67p-54hq-rp68
js-yaml@4.1.0 · package-lock.json
GHSA-mh29-5h37-fv8m
js-yaml@4.1.0 · package-lock.json
GHSA-22p9-wv53-3rq4
linkify-it@5.0.0 · package-lock.json
GHSA-38c4-r59v-3vqw
markdown-it@14.0.0 · package-lock.json
GHSA-6v5v-wf23-fmfq
markdown-it@14.0.0 · package-lock.json
GHSA-23c5-xmqv-rm74
minimatch@9.0.5 · package-lock.json
GHSA-3ppc-4f35-3m26
minimatch@9.0.5 · package-lock.json
GHSA-7r86-cg39-jmmj
minimatch@9.0.5 · package-lock.json
GHSA-3v7f-55p6-f55p
picomatch@2.3.1 · package-lock.json
GHSA-c2c7-rcm5-vvqj
picomatch@2.3.1 · package-lock.json
GHSA-48c2-rrv3-qjmp
yaml@2.8.1 · package-lock.json

Method and caveats:these are sourced, dated heuristics from public GitHub data and optional dependency scans. A status like "no criticals found on 2026-07-11" is not a guarantee of safety. Read the full trust methodology · JSON report at /api/graphcanon/tools/makenotion-notion-cookbook/trust.

Common questions

Is notion-cookbook maintained?
GraphCanon rates notion-cookbook "Very active" (96% maintenance signal from public GitHub metadata, computed today). Last push was 3 days ago. This is a recency heuristic, not a guarantee the project will stay maintained.
Is notion-cookbook safe to use?
Last scanned today (deps profile). Status: 13 low - 13 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report. GraphCanon does not certify notion-cookbook as safe - review maintenance, provenance, and scan findings on this page before adopting.
Is notion-cookbook a fork?
No. notion-cookbook is not flagged as a fork in GitHub metadata at the time of the last refresh.
Does notion-cookbook have known security vulnerabilities?
Last scanned today (deps profile). Status: 13 low - 13 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report.
How often is the notion-cookbook trust report updated?
Trust signals refresh on GitHub ingest/refresh cycles and optional dependency/MCP scans. This report was computed today (methodology github_public_v1).
What does GraphCanon never claim about notion-cookbook?
We never publish a composite safety grade, pen-test endorsement, or "verified secure" label for notion-cookbook. Signals are sourced heuristics with explicit limits - see trust methodology.
How does GraphCanon assess trust for notion-cookbook?
Signals are sourced from public GitHub metadata and optional dependency/MCP manifest scans, each tagged with methodology version and computed date. GraphCanon does not publish a composite safety grade. Read trust methodology for full scope and limits.