Skills
skills/mathruffian-dot/codex-lazy-packs/codex-notebooklm/Gen Agent Trust Hub

codex-notebooklm

Warn

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the package notebooklm-mcp-cli using the uv package manager. This package is a third-party tool and is not maintained by an official service provider.
  • [COMMAND_EXECUTION]: The instructions require executing multiple local shell commands to install the software, manage authentication, and modify the agent configuration file (~/.codex/config.toml).
  • [CREDENTIALS_UNSAFE]: The skill facilitates authentication via the nlm login command. The skill body explicitly notes that this tool is not official and uses internal APIs to process session data, which introduces risk when handling credentials.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 15, 2026, 03:51 AM
Security Audit — agent-trust-hub — codex-notebooklm