notebooklm

SUSPICIOUS. The skill's core purpose is coherent, but its footprint is broader than a simple NotebookLM helper: it uses browser automation against the web UI instead of the official API, installs a third-party stealth browser stack, and persists Google session state locally. Data flow appears to stay with Google, so this is not confirmed malware, but the install trust and credential-handling model create meaningful security risk.