Back to skill
Skillv1.1.0
VirusTotal security
X To Notebook · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:27 AM
- Hash
- 959f57b20eb8ec7484b33461bc769159c4ddbaed823f85bd8f25d7bfa7544fb1
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: x-to-notebook Version: 1.1.0 The skill bundle provides a legitimate workflow for syncing X (Twitter) bookmarks to Google NotebookLM. It uses the 'twikit' library to fetch bookmarks and a local MCP server ('notebooklm-mcp-cli') to push content. The scripts (auto_sync.py, fetch_bookmarks.py) handle sensitive credentials (X cookies) stored locally in the user's home directory as expected for this integration. Security practices like using shlex.quote to prevent shell injection are present, and there is no evidence of data exfiltration or malicious intent.
- External report
- View on VirusTotal