
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@4ier/notion-cli
Advanced tools
Full-featured CLI for Notion. Like gh for GitHub, but for Notion. 44 commands, one binary.
Like gh for GitHub, but for Notion. 39 commands. One binary.
A full-featured command-line interface for Notion. Manage pages, databases, blocks, comments, users, and files — all from your terminal. Built for developers and AI agents who need programmatic access without the browser.
brew install 4ier/tap/notion-cli
go install github.com/4ier/notion-cli@latest
npm install -g @4ier/notion-cli
scoop bucket add 4ier https://github.com/4ier/scoop-bucket
scoop install notion-cli
docker run --rm -e NOTION_TOKEN ghcr.io/4ier/notion-cli search "meeting"
Download from GitHub Releases — available for Linux, macOS, and Windows (amd64/arm64).
# Authenticate
echo "ntn_xxxxx" | notion auth login --with-token
# Search your workspace
notion search "meeting notes"
# Query a database with filters
notion db query <db-id> --filter 'Status=Done' --sort 'Date:desc'
# Create a page in a database
notion page create <db-id> --db "Name=Weekly Review" "Status=Todo"
# Read page content as Markdown
notion block list <page-id> --depth 3 --md
# Append blocks from a Markdown file
notion block append <page-id> --file notes.md
# Raw API escape hatch
notion api GET /v1/users/me
| Group | Commands | Description |
|---|---|---|
| auth | login logout status switch doctor | Authentication & diagnostics |
| search | search | Search pages and databases |
| page | view list create delete restore move open set props link unlink | Full page lifecycle |
| db | list view query create update add add-bulk open | Database CRUD + query |
| block | list get append insert update delete | Content block operations |
| comment | list add get | Discussion threads |
| user | me list get | Workspace members |
| file | list upload | File management |
| api | <METHOD> <path> | Raw API escape hatch |
39 subcommands covering 100% of the Notion API.
No JSON needed for 90% of queries:
notion db query <id> --filter 'Status=Done' --filter 'Priority=High' --sort 'Date:desc'
For complex queries (OR, nesting), use the JSON escape hatch:
notion db query <id> --filter-json '{"or":[{"property":"Status","status":{"equals":"Done"}},{"property":"Status","status":{"equals":"Cancelled"}}]}'
Property types are auto-detected from the database schema:
notion page create <db-id> --db "Name=Sprint Review" "Date=2026-03-01" "Points=8" "Done=true"
jq, scripts, and AI agents# Pretty table in terminal
notion db query <id>
# JSON when piped
notion db query <id> | jq '.results[].properties.Name'
# Read blocks as Markdown
notion block list <page-id> --md --depth 3
# Write Markdown to Notion
notion block append <page-id> --file document.md
Supports headings, bullets, numbered lists, todos, quotes, code blocks, and dividers.
notion block list <page-id> --depth 5 --all
# Both work
notion page view abc123def
notion page view https://notion.so/My-Page-abc123def456
object_not_found: Could not find page with ID abc123
→ Check the ID is correct and the page/database is shared with your integration
This CLI is designed to be agent-friendly:
Install as an agent skill:
npx skills add 4ier/notion-cli
# Token is stored in ~/.config/notion-cli/config.json (mode 0600)
echo "ntn_xxxxx" | notion auth login --with-token
# Or use environment variable
export NOTION_TOKEN=ntn_xxxxx
# Check authentication
notion auth status
notion auth doctor
In MSYS-based shells (Git Bash, MSYS2), arguments starting with / are silently rewritten to Windows paths. This breaks API path arguments:
# ✗ /v1/users/me becomes C:/Program Files/Git/v1/users/me
notion api GET /v1/users/me
Fix: disable MSYS path conversion:
MSYS_NO_PATHCONV=1 notion api GET /v1/users/me
Or export it for the session: export MSYS_NO_PATHCONV=1
This is a shell-level issue, not a bug in notion-cli. PowerShell and cmd.exe are not affected.
Issues and PRs welcome at github.com/4ier/notion-cli.
FAQs
Full-featured CLI for Notion. Like gh for GitHub, but for Notion. 44 commands, one binary.
The npm package @4ier/notion-cli receives a total of 1,692 weekly downloads. As such, @4ier/notion-cli popularity was classified as popular.
We found that @4ier/notion-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.