notebooklm-second-brain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to query NotebookLM notebooks (nlm notebook query) that can be populated with arbitrary external URLs (nlm source add --url ) and are used to drive decisions (core directives and deterministic routine), so untrusted public web content ingested into those notebooks could materially influence the agent's behavior.