notebooklm

SUSPICIOUS: the skill is broadly aligned with NotebookLM automation, but it relies on an unofficial third-party CLI to handle Google authentication and data, uses an unpinned package install, and processes untrusted external content with agent action capability. This looks more like a high-risk unofficial integration than outright malware.