Skill v1.0.1
ClawScan security
Notebooklm Integration · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 14, 2026, 4:07 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is internally coherent: it documents using the unofficial notebooklm-py library to drive Google NotebookLM and asks for no unrelated credentials or installs. However, it relies on an unofficial library that uses undocumented Google APIs, so review and caution are warranted.
- Guidance: This skill appears to do what it says (it wraps the unofficial notebooklm-py client), but take precautions before installing or using it:
  1. Review the notebooklm-py source code on GitHub and the PyPI package to ensure there are no unexpected network calls or credential handling.
  2. Use a dedicated virtual environment and, if possible, a non-sensitive Google account or service account with least privileges when authenticating.
  3. Be aware the library uses undocumented Google APIs: it may break or behave unpredictably and could surface Drive or other private content to the library.
  4. Prefer running the code in a sandbox and inspect network activity if you have concerns.

  If you need stronger assurance, request an official NotebookLM/Google-supported client or additional transparency from the package maintainer.
Review Dimensions
- Purpose & Capability: ok. The name/description (NotebookLM integration) match the instructions: installing/using notebooklm-py to create/manage notebooks, import sources, run queries, and generate artifacts. Required capabilities and commands shown in SKILL.md are consistent with that purpose.
- Instruction Scope: ok. SKILL.md stays within the NotebookLM domain: examples show creating notebooks, adding sources, running research, and exporting artifacts. It instructs users to authenticate with Google via a browser flow and to provide file paths or Drive IDs when importing. It does not instruct the agent to read unrelated system files or to exfiltrate data to unexpected endpoints.
- Install Mechanism: note. This is an instruction-only skill (no install spec). The doc recommends pip install notebooklm-py and references a GitHub repo (https://github.com/teng-lin/notebooklm-py). Installing a third-party PyPI package or cloning a GitHub repo is common/expected, but pip installs execute arbitrary Python code from an external source; review the package/repo before installing.
- Credentials: note. The skill declares no required env vars or credentials. However, it explicitly depends on your Google credentials (browser auth flow) and the library uses undocumented Google APIs. That is proportionate to the stated goal, but it does require granting the library access to Google account/Drive content, a meaningful privilege that users should consider.
- Persistence & Privilege: ok. The skill does not request always:true, does not modify other skills, and provides no install that writes persistent agent configuration. Autonomous invocation is allowed (platform default) but not combined with elevated privileges here.
