Lethal Trifecta – Using Notion Ai's Web Search Tool to Leak Private Notion Pages
Posted4 months agoActive4 months ago
codeintegrity.aiTechstory
calmnegative
Debate
0/100
Notion AISecurity VulnerabilityData Leakage
Key topics
Notion AI
Security Vulnerability
Data Leakage
A researcher demonstrates how Notion AI's web search tool can be exploited to leak private Notion pages, highlighting a potential security vulnerability.
Snapshot generated from the HN discussion
Discussion Activity
Light discussionFirst comment
N/A
Peak period
1
0-1h
Avg / period
1
Key moments
- 01Story posted
Sep 19, 2025 at 1:06 PM EDT
4 months ago
Step 01 - 02First comment
Sep 19, 2025 at 1:06 PM EDT
0s after posting
Step 02 - 03Peak activity
1 comments in 0-1h
Hottest window of the conversation
Step 03 - 04Latest activity
Sep 19, 2025 at 9:15 PM EDT
4 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Discussion (2 comments)
Showing 2 comments
simonw
4 months ago
Under discussion here: https://news.ycombinator.com/item?id=45307095
coderinsanAuthor
4 months ago
Hey HN — yesterday Notion released AI agent support on their platform with support for MCP servers and custom AI agents. It didn’t take us long to find an example of a lethal trifecta attack in which, through indirect prompt injection, we were able to get Notion AI to leak data via its web search tool.
View full discussion on Hacker News
ID: 45303966Type: storyLast synced: 11/17/2025, 4:06:19 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.