Anything To Notebooklm
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: anything-to-notebooklm Version: 1.0.0 The 'anything-to-notebooklm' skill bundle is a legitimate tool designed to automate the processing of diverse content sources (WeChat, YouTube, Office documents, PDFs, etc.) and their integration with Google NotebookLM. It utilizes the Microsoft 'markitdown' library for file conversion and an external MCP server for WeChat scraping. The installation script (install.sh) and environment checker (check_env.py) are well-structured and transparent, and while they install dependencies from GitHub repositories, these actions are consistent with the stated functionality. No evidence of data exfiltration, malicious persistence, or harmful prompt injection was found; the instructions in SKILL.md are strictly focused on functional task execution.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The code actually run during installation or later MCP use could change if those repositories or their dependencies change or are compromised.
The installer pulls executable helper and CLI code from live GitHub repositories without a pinned commit, version, or hash; the cloned MCP server source is not included in the reviewed manifest.
git clone https://github.com/Bwkyd/wexin-read-mcp.git "$MCP_DIR" ... pip3 install git+https://github.com/teng-lin/notebooklm-py.git -q
Pin external repositories to audited commits, provide lockfiles or vendored reviewed helper code, and install inside an isolated virtual environment before configuring Claude to use it.
A persistent helper expands the agent’s tool surface beyond this one prompt, and its actual behavior depends on code that is downloaded during setup rather than included in the reviewed package.
The instructions register a persistent MCP server in Claude’s configuration; after restart, that externally cloned server remains available to the agent.
"mcpServers": { "weixin-reader": { "command": "python", "args": [ "/Users/joe/.claude/skills/anything-to-notebooklm/wexin-read-mcp/src/server.py" ] } } ... 配置后需要重启 Claude Code。Only enable the MCP server if needed, review the cloned server code first, use an absolute path you control, and remove the MCP config entry when you no longer need WeChat article fetching.
This may violate site terms or trigger account/platform restrictions even though it is disclosed and related to the skill’s WeChat-reading purpose.
The skill openly states that the WeChat integration uses browser automation to bypass anti-crawling measures.
微信公众号(绕过反爬虫) ... MCP 用浏览器模拟绕过。
Use the WeChat scraping feature only where you have permission and are comfortable with the platform-policy risk.
The NotebookLM CLI will operate with the user’s logged-in account and may create notebooks, add sources, and generate artifacts there.
The skill requires an authenticated NotebookLM account, which is expected for uploading and generating NotebookLM content but is not reflected in the registry credential declarations.
首次使用前必须认证: notebooklm login notebooklm list # 验证认证成功
Confirm which Google/NotebookLM account is logged in, understand the CLI’s permissions, and log out or use a separate account if needed.
Any selected local document or extracted ZIP content may be sent to Google NotebookLM and stored or processed there.
The workflow uploads converted sources to NotebookLM; supported inputs include local PDFs, Office files, images, audio, ZIP archives, webpages, and search summaries.
notebooklm source add /tmp/weixin_xxx.txt --wait # 上传文件并等待处理完成
Review files before use, avoid confidential or regulated content unless NotebookLM is approved for it, and delete notebooks/sources after processing if retention is not desired.