NotebookLM RAG Line
AdvisoryAudited by Static analysis on May 13, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill can fetch and execute third-party browser automation code that was not pinned or fully declared in the skill metadata.
If patchright is missing, the script downloads and installs the latest unpinned package during execution rather than relying on a reviewed, pinned install step.
log("patchright not installed, installing...")
subprocess.run([sys.executable, "-m", "pip", "install", "patchright"], check=True)Install dependencies explicitly before use, pin package versions, and remove or disable runtime auto-install behavior.
If the user points this at a normal Chrome profile, the automation runs with that signed-in browser session and can read NotebookLM page content and save the resulting answers locally.
The skill uses a persistent Chrome profile to access a Google NotebookLM notebook, effectively operating under the browser session/account represented by that profile.
CHROME_PROFILE = "C:/Users/clawsPeak/AppData/Local/notebooklm-mcp/Data/chrome_profile"
...
context = p.chromium.launch_persistent_context(
CHROME_PROFILE,
headless=False
)
url = f"https://notebooklm.google.com/notebook/{NOTEBOOK_ID}/preview"Use a dedicated Chrome profile with only the needed NotebookLM access, verify the notebook ID, and do not point the skill at your everyday browser profile.
If enabled, the skill can continue querying NotebookLM and updating the local RAG database every day, consuming account quota and changing local data.
The documentation provides an optional scheduled task that would run the update script daily.
Register-ScheduledTask -TaskName "RAG_NotebookLM_Update" -Action $action -Trigger $trigger -Description "NotebookLM RAG 自動更新"
Only create the scheduled task if you want recurring automation, and keep instructions for disabling or deleting the task.
Incorrect, sensitive, or poisoned entries in the RAG database can influence the assistant’s future answers.
Stored Q&A entries from the local RAG database are inserted into the LLM prompt to generate answers.
rag_context = "\n\n【知識庫資料】\n" + "\n\n".join([
f"相關問題:「{q}」\n參考答案:「{a}」"
for q, a, s in similarities[:5]
])Curate the questions and stored answers, avoid adding sensitive NotebookLM content unless intended, and periodically review or clear the RAG database.