notebooklm

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The environment setup script (setup_environment.py) downloads the Google Chrome browser to ensure a consistent and reliable environment for browser automation. This is a standard operation for tools using the Patchright/Playwright framework to interact with web services like NotebookLM.
  • [COMMAND_EXECUTION]: The skill uses a wrapper script (run.py) and a setup script (setup_environment.py) that utilize subprocess calls to create a virtual environment, install dependencies from requirements.txt, and execute modular scripts. This architecture ensures that the skill runs in an isolated and correctly configured environment.
  • [DATA_EXFILTRATION]: The skill manages sensitive authentication data, including session cookies and browser profiles, stored locally in the ~/.claude/skills/notebooklm/data/ directory. This data is used to maintain persistent sessions with Google services and is not transmitted to any unauthorized third-party domains. The inclusion of cleanup_manager.py allows users to audit and delete this data as needed.
  • [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it retrieves and processes content from an external source (Google NotebookLM).
      • Ingestion points: Text content is extracted from the NotebookLM web interface via scripts/ask_question.py and returned to the agent.
      • Boundary markers: The skill does not use specific delimiters or protective instructions to wrap the retrieved text, although it appends a structural follow-up reminder.
      • Capability inventory: The agent has the capability to execute the provided Python scripts, which can read/write to the local data directory and perform network operations through the automated browser.
      • Sanitization: No explicit sanitization or filtering is applied to the retrieved text before it is passed back to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 10:08 PM