cli-anything-notebooklm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly lists a "source" command group that supports "URL add" (source listing and URL add) and a "chat" group that asks questions of notebook content, indicating the agent can ingest arbitrary public URLs into NotebookLM and then use that content to drive answers/actions, which creates exposure to untrusted third-party content.