NotebookLM Ops
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is purpose-aligned for NotebookLM, but it controls a logged-in Google browser session through CDP/VNC and unreviewed local helper scripts, so it needs careful review before use.
Install only if you trust the local helper scripts under `/home/moltuser/clawd/scripts` and understand that the skill can control a logged-in Chromium session. Prefer a dedicated browser profile and Google account, restrict CDP/VNC exposure, review the external scripts first, and manually stop the GUI stack when finished.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may operate through your existing Google session, potentially affecting NotebookLM and any related access available in that browser profile.
This gives the skill and its helper scripts access to a logged-in Google session/profile. The artifacts do not clearly limit the profile, account, cookies, or delegated permissions used for NotebookLM.
A one-time manual login in Chromium to Google/NotebookLM is required. After that, this skill keeps refresh automated by reusing the same browser profile/session.
Use a dedicated Chromium profile and least-privileged Google account for this skill, review what session data is accessible, and revoke or rotate the session if anything unexpected happens.
The most sensitive operations depend on unseen local code; if those helper scripts are modified or unsafe, they could misuse the logged-in browser session.
Critical GUI and cookie-refresh helpers are referenced at absolute paths outside the supplied manifest, so their behavior and provenance cannot be reviewed from the provided artifacts.
Working scripts used by this skill:
- `/home/moltuser/clawd/scripts/notebooklm-remote-gui.sh`
- `/home/moltuser/clawd/scripts/refresh-google-mcp-cookies.sh`
Inspect, pin, and trust the external helper scripts before installing; ideally bundle reviewed copies or verify their hashes and ownership.
If the CDP or VNC interfaces are reachable by unintended local or network users, they could control the browser session used for NotebookLM.
CDP remote debugging and VNC-style GUI access can control a logged-in browser. The artifacts do not state binding, authentication, or containment controls for those interfaces.
- Linux host with Chromium and CDP (`--remote-debugging-port=9222`).
- Virtual display stack: **Xvfb + openbox + x11vnc**.
Ensure CDP is bound to localhost, protect or disable VNC access when not needed, firewall the ports, and run the ON workflow only when explicitly requested.
NotebookLM browser automation may keep running until the OFF command is used.
The skill intentionally starts background GUI/browser processes for its purpose and also documents an OFF cleanup command, so this is disclosed but still important for users to notice.
Start GUI/CDP stack (Xvfb + openbox + x11vnc + Chromium).
Run the OFF command after use and verify that Chromium, x11vnc, Xvfb, and openbox processes have stopped.
