Security Scan
OpenClaw
Suspicious
medium confidence
Assessment and Recommendations
What to consider before installing/running this skill:
- Function matches purpose, but review the code first: the skill will create a .venv and download/install Python packages and a browser binary (patchright/chromium) automatically when its scripts run or are imported. Expect network downloads and filesystem changes in the skill folder.
- Persistent Google session: The skill stores a browser profile and state.json (cookies). Those files let the skill act with your Google account session and ...
ℹ Purpose and Capabilities
The skill's name and description (querying Google NotebookLM via browser automation and persisting auth) align with the included scripts. It legitimately needs browser automation, a persistent profile, and cookie handling to preserve NotebookLM sessions. Minor mismatch: the registry declared no required binaries/env, yet the code auto-installs dependencies and requires real Chrome (not just Chromium) and patchright; this behavior is implemented in the code rather than declared in metadata.
⚠ Instruction Scope
SKILL.md instructs the agent to open browser sessions, query notebooks (including an automated 'Smart Add' that queries the notebook to discover its contents), and to run follow-up questions repeatedly until 'complete'. These are within the stated purpose but permit autonomous, repeated access to user notebooks and will cause the agent to read and transmit notebook content to the automation process. The instructions also require always using the run.py wrapper; combined with module behavior (see install) this can cause unexpected side effects when code is imported or executed.
⚠ Install Mechanism
There is no declared install spec in the registry, but the code itself creates a .venv, pip-installs requirements.txt and invokes patchright to install Chromium. Notably, scripts/__init__.py runs ensure_venv_and_run() on import, meaning environment creation and network downloads may happen implicitly when the module is imported or when a script is executed. Downloading browser binaries and packages at runtime is expected for browser automation but increases risk because it fetches external components automatically.
⚠ Credential Requirements
The skill declares no required environment variables or primary credential, but it persists and uses Google session cookies in a browser profile and state.json stored under ~/.claude/skills/notebooklm/data/. Those cookies effectively act as credentials and grant broad access to the Google account used (potentially beyond NotebookLM). The code's cookie-injection workaround (manual add_cookies) is plausible for the stated purpose, but storing and reusing session cookies is a high-sensitivity capability that should be proportionally protected and explicitly disclosed to users.
⚠ Persistence and Privileges
The skill persists a virtual environment, browser profile, and state.json in the skill data directory and can re-use those for later runs. While always:false (not force-installed), the code's import-time behavior that creates/installs the venv and browser can cause persistent changes without explicit separate installation steps. The skill does not modify other skills, but persistent cookie/profile storage grants ongoing access to the user's Google session and should be considered a long-lived privilege.
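Security is layered; review the code before running.
Runtime Dependencies
No special dependencies
Version
latest v0.1.0 2026/1/27
● Suspicious
Install Command
Official: npx clawhub@latest install notebooklm-skill
Mirror (accelerated): npx clawhub@latest install notebooklm-skill --registry https://cn.longxiaskill.com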