notebooklm

Warn

Audited by Socket on May 1, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS. The skill’s functionality mostly matches its stated NotebookLM purpose, and the install path is a standard PyPI package with public provenance rather than an obvious malware delivery chain. However, it depends on a third-party CLI outside the publisher’s org, uses browser-session auth against undocumented Google APIs, and combines untrusted content ingestion with Bash/Write permissions and external sharing/export actions. This is better classified as a high-trust integration with notable security exposure, not confirmed malware.

Confidence: 85%
Severity: 66%
Audit Metadata
Analyzed At: May 1, 2026, 11:37 AM
Package URL: pkg:socket/skills-sh/yonatangross%2Forchestkit%2Fnotebooklm%2F@58d4e4a2376a40e80f18818d18cdc77a465fc93b