notebooklm-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill accepts arbitrary public URLs (see SKILL.md example and run.py's _dispatch_source add_url which builds nlm args like ["source","add", "", "--url", url]) and passes them to the nlm CLI to fetch/ingest untrusted third‑party web content that can directly influence subsequent notebook queries and report generation.