cli-anything-notebooklm

SUSPICIOUS. The skill's functionality matches its stated NotebookLM harness purpose, but it delegates sensitive authenticated actions to an unofficial third-party CLI tied to a personal project rather than Google. Install sources are documented and partly verifiable, so this is not confirmed malware, but the dependency and browser-session handling create meaningful trust and credential-exposure risk.