Scan Report
5/100
nlm-cli
Automates NotebookLM operations using Jacob Brown's notebooklm-mcp-cli (nlm command), including notebooks, sources, studio content, downloads, research, and MCP/AI tool configuration.
This is a straightforward, well-documented wrapper skill for the open-source `notebooklm-mcp-cli` (nlm) tool. All capabilities — shell execution via spawnSync, CLI installation, and Google account authentication — are explicitly declared in documentation with no hidden functionality.
Safe to install
No action needed. This skill is safe to use.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md documents wrapper script execution; scripts/nlm.mjs:40 uses spawnSync t… |
| Filesystem | NONE | NONE | — | No filesystem access beyond skill directory; no sensitive paths accessed |
| Network | NONE | NONE | — | No outbound network calls from wrapper; nlm CLI itself makes API calls to Google… |
| Environment | NONE | NONE | — | Reads NLM_BIN env var and PATH only — standard for resolving executables, no sen… |
| Skill Invoke | NONE | NONE | — | No cross-skill invocation |
| Clipboard | NONE | NONE | — | Not accessed |
| Browser | NONE | NONE | — | nlm CLI uses browser-based CDP auth (OpenClaw) which is declared in docs, but th… |
| Database | NONE | NONE | — | Not accessed |
1 finding
Medium: External URL
http://127.0.0.1:18800 (references/install-and-auth.md:51)
File Tree
4 files · 14.2 KB · 339 lines
Markdown: 3 files · 291 lines
JavaScript: 1 file · 48 lines
├─ references
│  ├─ cli-commands.md (Markdown)
│  └─ install-and-auth.md (Markdown)
├─ scripts
│  └─ nlm.mjs (JavaScript)
└─ SKILL.md (Markdown)
Dependencies: 1 item
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| notebooklm-mcp-cli | * | pip / uv tool | No | Jacob Brown's open-source CLI; version not pinned, but this is standard for CLI tools |
Security Positives
✓ All capabilities are explicitly declared in SKILL.md and supporting documentation
✓ No obfuscation, base64-encoded payloads, or anti-analysis techniques
✓ No credential harvesting or environment variable enumeration
✓ No sensitive file/path access (~/.ssh, ~/.aws, .env, etc.)
✓ No remote script execution (curl|bash, wget|sh)
✓ No supply chain risks detected — uses a known public npm/pip package
✓ The wrapper script (scripts/nlm.mjs) is a simple, readable 48-line Node.js script with no hidden logic
✓ stdio inheritance is appropriate for a CLI wrapper tool