Skills
skills/davila7/claude-code-templates/deep-research-notebooklm/Gen Agent Trust Hub

deep-research-notebooklm

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [SAFE]: The skill is designed for research purposes and uses specific MCP tools to interact with NotebookLM. All core operations match the stated purpose of the skill.
  • [COMMAND_EXECUTION]: The instructions suggest the user run nlm setup add claude-code to prepare the environment. This is a manual configuration step and does not involve automated or hidden execution.
  • [DATA_EXFILTRATION]: The skill transmits user-provided URLs and file content to the NotebookLM platform. This is the intended behavior for the research engine to function, but users should exercise caution with sensitive data.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core function of ingesting external data.
  • Ingestion points: External URLs and document files are added via source_add and research_import (SKILL.md).
  • Boundary markers: None identified; instructions do not specify delimiters for external content.
  • Capability inventory: Uses notebook_query, research_start, and studio_create to process and act on the ingested data (SKILL.md).
  • Sanitization: No sanitization or validation of the external content is performed before it is queried for insights.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 03:11 PM