Oathe Security Badge

Is 222dotcrypto/tg-to-notebooklm safe?

https://github.com/222dotcrypto/tg-to-notebooklm

95
SAFE

This is a legitimate utility skill for converting Telegram Desktop chat exports to Google NotebookLM format. The skill operates as documented with no malicious behavior detected, though users should be aware it uploads chat data to an external service as part of its intended functionality.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

MEDIUM Uploads user chat data to external service -10

The skill processes Telegram chat exports and uploads the text content to Google NotebookLM via API calls. While this is the intended functionality, users should be aware that their chat data will be sent to an external service.

LOW Complex multi-step skill -5

The skill contains detailed multi-step instructions that could be harder to audit thoroughly. However, no malicious prompt injection patterns were detected.

INFO Uses Russian language content 0

The skill documentation is primarily in Russian, which is appropriate for a Telegram-related tool but worth noting for users who cannot read Russian.