opencode-notebooklm

SUSPICIOUS: the skill is functionally coherent for connecting OpenCode to NotebookLM, but it depends on a non-Google third-party CLI that handles Google login and uses undocumented internal APIs. This is not confirmed malware, yet the trust and account-access implications are higher than a normal documentation-only skill.