laohan-notebooklm

Warn

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands such as mkdir, cp, nlm, and pdftoppm. These commands interpolate variables like the notebook title and output paths directly into shell strings without sanitization.
  • [COMMAND_EXECUTION]: A background bash script is dynamically generated and executed. If the notebook title (extracted from the script content) or the provided file paths contain shell metacharacters, it could lead to arbitrary command injection.
  • [EXTERNAL_DOWNLOADS]: The skill relies on external components, specifically the notebooklm-mcp-cli Python package and the poppler system library, which must be installed to enable the slide generation and conversion features.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes content from an external script.md file without adequate safeguards.
      ◦ Ingestion points: Content is read directly from the user-provided file path.
      ◦ Boundary markers: No delimiters or instructions are used to separate user data from agent commands.
      ◦ Capability inventory: The skill can write to the filesystem, execute shell commands, and communicate with external APIs via the nlm tool.
      ◦ Sanitization: No escaping or validation is applied to the script content or extracted metadata before they are used in command-line operations.

Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 12, 2026, 11:04 PM