anything-to-notebooklm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly ingests open web and YouTube URLs and runs NotebookLM generation/search from web (e.g., "Step 1：識別內容源" with source add "https://..." and the "AI 研究搜尋" source add-research ... --from web and examples in references/examples.md), so untrusted third-party content is fetched and directly used to drive generation and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly ingests external web/video content at runtime (e.g., "notebooklm source add "https://www.youtube.com/watch?v=abc123\""), which fetches and injects that remote content into the model's context to drive generated prompts and outputs, so the YouTube URL is a runtime external dependency that directly controls the agent's behavior.