news-scrap-codex

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts scripts/notebooklm_gate.py and scripts/notebooklm_slide_deck.py use subprocess.run to execute a local CLI tool named notebooklm. This tool is used to manage NotebookLM notebooks, upload sources, and generate presentations. The commands are built with list-based arguments, a secure practice that prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The scripts/extract.py script performs network operations to fetch news article content from external URLs provided by search results. It uses the trafilatura library and the playwright headless browser to retrieve and process HTML. This behavior is necessary for the skill's primary functionality of scraping and verifying news articles.
  • [PROMPT_INJECTION]: The skill processes untrusted content from external news articles, which introduces a surface for indirect prompt injection attacks. To mitigate this risk, the scripts (such as scripts/notebooklm_gate.py) use constrained prompts that explicitly instruct the AI to generate summaries and analysis based only on the provided source text, acting as a boundary marker against instructions embedded in the articles.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 06:44 AM