Skills
skills/jacob-bd/notebooklm-mcp/nlm-skill/Snyk

nlm-skill

Fail

Audited by Snyk on Apr 30, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt instructs users to extract and paste authentication cookies (mcp__notebooklm-mcp__save_auth_tokens(cookies="<cookie_header>")), which would require the agent to accept and include sensitive cookie/header values verbatim in a tool call or output, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md workflows explicitly ingest open web and user-generated content (e.g., "nlm source add --url 'https://...'", YouTube URLs, and "nlm research start 'query' --notebook-id ") and then have the agent read/describe/query those sources and use them to generate artifacts (studio/report/audio) and drive follow-up actions, so untrusted third‑party content can materially influence tool behavior and pose an indirect prompt-injection risk.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
Apr 30, 2026, 11:13 AM
Issues
2