← 返回 Skills 市场
1183
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install notebooklm-cli-cookies
功能描述
Search and answer questions over documents already uploaded to NotebookLM using the nlm CLI. Use when users ask to find information, summarize sources, or query a specific NotebookLM notebook.
安全使用建议
This skill is functionally coherent but includes powerful helper scripts that: (1) accept and write your NotebookLM Google cookies (cookies.json/metadata.json); (2) can pull that auth JSON from an AWS Secrets Manager secret if you provide NOTEBOOKLM_AUTH_SECRET_ID and AWS credentials; and (3) can install packages and create systemd drop-ins on your VPS. Before installing or running the bootstrap: - Inspect the scripts top-to-bottom and run them only on machines you control. - Do not run the bootstrap on shared or untrusted hosts. - If you will use the AWS secret path, grant the minimal IAM permissions needed (secretsmanager:GetSecretValue) scoped to the specific secret; do not reuse high-privilege AWS credentials. - Keep auth JSON and cookies out of version control; follow the docs' recommendations for file permissions. - If you only need the skill for ad-hoc local queries, avoid running the systemd/bootstrap flow and instead manually place cookies.json/metadata.json into NOTEBOOKLM_MCP_CLI_PATH and set that env var. - If unsure about the author/source (owner ID unknown, no homepage), prefer manual setup over running the provided bootstrap.
功能分析
Type: OpenClaw Skill
Name: notebooklm-cli-cookies
Version: 0.1.4
The skill is classified as suspicious due to a significant command injection vulnerability identified in `SKILL.md`. The instructions explicitly tell the AI agent to "Always execute exactly: `nlm <args>` via Exec" where `<args>` are derived from user input (e.g., Telegram `/nlm ...`). This allows an attacker to potentially inject arbitrary shell commands, leading to Remote Code Execution (RCE). While the `scripts/aws-inject-notebooklm-auth.sh` and `scripts/bootstrap_vps_systemd_one_liner.sh` handle sensitive authentication data and perform system-level modifications (including systemd persistence), these actions appear to be aligned with the stated purpose of installing and configuring the NotebookLM CLI skill, and do not show clear malicious intent like unauthorized exfiltration or backdoors.
能力评估
Purpose & Capability
The skill's stated purpose (query NotebookLM via the nlm CLI) matches the declared runtime requirement (nlm binary and NOTEBOOKLM_MCP_CLI_PATH). However included helper scripts perform system bootstrap, install packages, and optionally fetch secrets from AWS; these system-level capabilities are broader than the simple query purpose and are not declared in the minimal metadata.
Instruction Scope
SKILL.md runtime instructions are narrowly scoped to running nlm and checking NOTEBOOKLM_MCP_CLI_PATH, and explicitly instruct not to use web or local files beyond NotebookLM. But the repository also ships injector and bootstrap scripts that read/write auth JSON, may call aws CLI, and will modify system configuration when executed. Those scripts introduce additional runtime behaviors that are not covered in the SKILL.md 'hard rules' and are therefore out-of-band relative to the runtime instructions.
Install Mechanism
There is no automatic install spec, but the provided bootstrap script will run apt-get, pipx/pip installs, npm/pnpm installs, create systemd drop-ins, and add groups/users — actions requiring sudo and affecting system state. While reasonable for a self-hosted VPS installation, these are high-impact operations and should not be executed without reviewing the script and running it only in a trusted environment.
Credentials
The skill metadata declares only NOTEBOOKLM_MCP_CLI_PATH, but the injector/bootstrap scripts accept and use multiple other inputs (NOTEBOOKLM_AUTH_SECRET_FILE, NOTEBOOKLM_AUTH_SECRET_JSON, NOTEBOOKLM_AUTH_SECRET_ID and AWS_REGION/AWS_DEFAULT_REGION, NOTEBOOKLM_AUTH_FILE, etc.). Those inputs can grant access to sensitive Google cookies and allow the script to fetch secrets from AWS Secrets Manager — privileges that are sensitive and should be explicitly declared and scoped (least privilege).
Persistence & Privilege
The bootstrap script can install a helper injector, modify ~/.openclaw/openclaw.json to inject environment variables, create /etc/openclaw/notebooklm-auth.json, change group membership, and install a systemd drop-in that runs the injector on service start. Although the skill itself is not flagged always:true, these actions give the skill persistent integration into system services and require careful review before use.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install notebooklm-cli-cookies - 安装完成后,直接呼叫该 Skill 的名称或使用
/notebooklm-cli-cookies触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.4
Update Bootstrap - fix bad substitution.
v0.1.3
Update GUIDELINE.
v0.1.2
Stabilize installation flow with pipx/jq and simplified bootstrap.
v0.1.1
Add VPS systemd bootstrap; support auth file input.
v0.1.0
Initial release
元数据
常见问题
NotebookLM CLI Cookies 是什么?
Search and answer questions over documents already uploaded to NotebookLM using the nlm CLI. Use when users ask to find information, summarize sources, or query a specific NotebookLM notebook. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1183 次。
如何安装 NotebookLM CLI Cookies?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install notebooklm-cli-cookies」即可一键安装,无需额外配置。
NotebookLM CLI Cookies 是免费的吗?
是的,NotebookLM CLI Cookies 完全免费(开源免费),可自由下载、安装和使用。
NotebookLM CLI Cookies 支持哪些平台?
NotebookLM CLI Cookies 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 NotebookLM CLI Cookies?
由 lhquangit(@lhquangit)开发并维护,当前版本 v0.1.4。
推荐 Skills