notebooklm

SUSPICIOUS: The skill’s purpose and core Google data flow are broadly coherent, but it relies on undocumented NotebookLM RPC automation and local reuse of Google session cookies. No clear third-party exfiltration is evident, so this is not confirmed malware, but it carries meaningful account/session and execution-trust risk.