Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
notebooklm-cli
v0.1.0
Command-line interface to manage Google NotebookLM notebooks, sources, and generate audio, quizzes, reports, presentations, and visual study materials progra...
⭐ 3 · 3.3k · 15 current · 18 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The SKILL.md describes a CLI that authenticates by launching Chrome and extracting session cookies and that can import Google Drive sources. However the registry metadata lists no required binaries, no homepage/source, and no required credentials—this mismatch (no declared Chrome dependency, no provenance for the 'nlm' binary) is incoherent and unexplained.
Instruction Scope
Runtime instructions explicitly state 'nlm login' launches Chrome and extracts session cookies and support Drive imports and automated web research. Those actions involve accessing browser session data and possibly private Drive content. The SKILL.md grants broad discretion (research/import automation) that could read or transmit sensitive user data beyond a simple documented API call.
Install Mechanism
There is no install spec and no code files, so nothing will be written or executed by the registry install step itself. That reduces filesystem-install risk, but also means there is no provenance or build/install information for the 'nlm' CLI referenced in the docs.
Credentials
The skill's authentication flow relies on extracting Chrome session cookies and accessing Google Drive, yet the metadata requests no environment variables or credentials and offers no explanation of data minimization. Requesting or extracting browser cookies is high-privilege and not proportionally declared or justified in the registry metadata.
Persistence & Privilege
always:false (good) and the skill is user-invocable. However, the skill allows autonomous invocation (default) and that combined with instructions to extract session cookies and import sources increases potential impact if the agent invokes the skill without explicit user supervision.
What to consider before installing
This skill is instruction-only and documents a CLI ('nlm') that authenticates by launching Chrome and extracting session cookies and that can read/import Google Drive content. Before installing or enabling it: (1) demand provenance—where does the 'nlm' binary come from (official release, GitHub repository, checksums/signature)? (2) do not let it access your real browser profile; cookie extraction can expose all Google sessions. Prefer an OAuth-based flow or an official API token rather than cookie scraping. (3) If you must test it, run in an isolated environment (throwaway VM/container) with a disposable Google account and no sensitive Drive data. (4) Ask the publisher for source code, a clear installer, and an explanation why cookie extraction is necessary and how data is stored/transmitted. (5) Do not enable autonomous use of this skill until you verify its behavior and provenance.
Like a lobster shell, security has layers — review code before you run it.
Tags: audio, cli, google, latest, notebooklm, podcast
