Trust Assessment
notebooklm-cli received a trust score of 75/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Skill extracts user session cookies for authentication", and "Skill requests broad access to Google Drive content".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Skill extracts user session cookies for authentication.** The skill's `nlm login` command is documented to 'extract session cookies' from a launched Chrome browser. While this mechanism is used for authentication, it involves handling highly sensitive user credentials. If the underlying `nlm` tool is compromised or malicious, these extracted session cookies could be harvested and exfiltrated, leading to unauthorized access to the user's NotebookLM account and potentially other Google services. Implement secure handling of extracted credentials. Ensure the `nlm` tool is thoroughly vetted for security vulnerabilities, especially regarding how it stores, transmits, and protects these cookies. Consider exploring more secure authentication methods like OAuth tokens with limited scope instead of direct cookie extraction, if available for NotebookLM. | LLM | SKILL.md:26 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/oconnell-carl/notebooklm-cli/SKILL.md:1 |
| MEDIUM | **Skill requests broad access to Google Drive content.** The skill's documentation indicates it can access and process content from the user's Google Drive through commands like `nlm source add <id> --drive <doc-id>` and `nlm research start "query" --notebook-id <id> --source drive`. This implies the `nlm` tool will request and be granted permissions to read potentially sensitive user files stored in Google Drive. Broad access to user files increases the attack surface and could lead to data exposure or exfiltration if the skill or the underlying `nlm` tool is compromised or misused. Clearly define and limit the scope of Google Drive permissions requested by the `nlm` tool to only what is strictly necessary for its stated functionality. Inform users explicitly about the extent of data access and provide options for granular control over which Drive files or folders the skill can access. Implement robust data handling and access control mechanisms within the `nlm` tool. | LLM | SKILL.md:80 |