nlm-skill
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill documents robust safety practices, explicitly instructing the agent to always seek user confirmation before executing any delete or permanent sync operations.
- [COMMAND_EXECUTION]: The skill uses the
nlmCLI and associated MCP tools to interact with the NotebookLM service. These commands are used for legitimate resource management such as creating notebooks, querying sources, and generating content. - [EXTERNAL_DOWNLOADS]: The skill references the installation of the
notebooklm-mcp-clitool via standard package managers and utilizes built-in research features to fetch data from URLs, YouTube, and Google Drive as part of its intended functionality. - [PROMPT_INJECTION]: Instructions within the skill, such as constraints on tool usage (e.g., avoiding
nlm chat start), are operational guidelines aimed at ensuring the AI agent functions correctly within the platform's constraints and are not malicious injections.
Audit Metadata