nlm-skill
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the nlm CLI tool to perform its operations. It instructs the agent to run commands via Bash to manage notebooks, add sources, and generate content.
- [EXTERNAL_DOWNLOADS]: The skill documentation guides the user to install the notebooklm-mcp-cli package using the uv tool. This package is maintained by the skill author and is required for the intended functionality.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from various external sources.
- Ingestion points: Content is ingested from web URLs, YouTube transcripts, and Google Drive documents as described in SKILL.md and references/workflows.md.
- Boundary markers: Absent; the instructions do not specify delimiters or provide guidance for the agent to ignore instructions embedded within external source material.
- Capability inventory: The skill possesses capabilities for file management, notebook manipulation, and content generation through tool calls and Bash execution.
- Sanitization: Absent; there is no mention of sanitizing or filtering external content before it is added to a notebook or used for generation.
Audit Metadata