The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill requires the installation of the notebooklm-py package from a public registry via uv tool install. This is an unofficial tool not affiliated with or supported by Google.
[COMMAND_EXECUTION]: The skill relies on executing various shell commands to interact with the NotebookLM CLI, including creating notebooks, adding sources, and generating deliverables.
[CREDENTIALS_UNSAFE]: The skill manages sensitive authentication flows through notebooklm login (Google OAuth) and facilitates the handling of authentication JSON data via the NOTEBOOKLM_AUTH_JSON environment variable. It also stores session context in a local file at ~/.notebooklm/context.json.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from multiple external ingestion points including web URLs, YouTube video content, and results from 'deep web research' (managed in SKILL.md). This external content is subsequently processed by the agent using capabilities like notebooklm ask or notebooklm generate. There are no specified boundary markers or sanitization procedures to prevent malicious instructions embedded in the external sources from being interpreted by the agent.

notebooklm