Back to MCP Trust Indexm8ven
74
grade C
2 days ago
glama

NotebookLM MCP Server (Security Hardened)

Enables AI agents to interact with Google NotebookLM and Gemini API for document analysis, deep research, and notebook creation with enterprise-grade security including post-quantum encryption and 14 security layers.

Pantheon-Security/notebooklm-mcp-secure· listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
⚠️
Known vulnerabilities in dependencies: 1 high
Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 7 credentials: GEMINI_API_KEY, LOGIN_PASSWORD, NLMCP_AUTH_TOKEN, NLMCP_ENCRYPTION_KEY, NLMCP_SIEM_API_KEY, NLMCP_USE_MACHINE_KEY, NLMCP_WEBHOOK_SECRET
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configAUTO_LOGIN_ENABLED
configAUTO_LOGIN_TIMEOUT_MS
configBROWSER_TIMEOUT
configCOMPUTERNAME
🔐 secretGEMINI_API_KEY### Gemini API (Optional - Requires )
configGEMINI_DEEP_RESEARCH_ENABLEDtrue # Enable Deep Research
configGEMINI_DEFAULT_MODELgemini-3-flash-preview # Default model (was gemini-2.5-flash)
configGEMINI_TIMEOUT_MS30000 # API timeout
configHEADLESS
configHOSTNAME
configLOGIN_EMAIL
🔐 secretLOGIN_PASSWORD
configMAX_DELAY_MS
configMAX_SESSIONS
configMIN_DELAY_MS
configNLMCP_ALERTS_COOLDOWN
configNLMCP_ALERTS_ENABLED
configNLMCP_ALERTS_FILE
configNLMCP_ALERTS_MAX_PER_HOUR
configNLMCP_ALERTS_MIN_SEVERITY
configNLMCP_ALERTS_WEBHOOK_HEADERS
configNLMCP_ALERTS_WEBHOOK_URL
configNLMCP_ALLOWED_DOMAINS
configNLMCP_AUDIT_DIR
configNLMCP_AUDIT_ENABLED
configNLMCP_AUDIT_HASH_CHAIN
configNLMCP_AUDIT_INCLUDE_DETAILS
configNLMCP_AUDIT_RETENTION_DAYS
configNLMCP_AUTH_DISABLED
configNLMCP_AUTH_ENABLEDenv =true \
configNLMCP_AUTH_LOCKOUT_MS
configNLMCP_AUTH_MAX_FAILED
🔐 secretNLMCP_AUTH_TOKENenv =$(openssl rand -base64 32) \
configNLMCP_AUTH_TOKEN_FILE
configNLMCP_BLOCK_ENCODED_PAYLOADS
configNLMCP_BLOCK_PROMPT_INJECTION
configNLMCP_BLOCK_SUSPICIOUS_URLS
configNLMCP_BREACH_DETECTION
configNLMCP_CERT_FAIL_OPEN
configNLMCP_CERT_PINNING
configNLMCP_CERT_REPORT_ONLY
configNLMCP_COMPLIANCE_DIR
configNLMCP_COMPLIANCE_ENABLED
configNLMCP_COMPLIANCE_LOGGING
configNLMCP_COMPLIANCE_RETENTION_YEARS
configNLMCP_CONFIG_DIR
configNLMCP_CONSENT_REQUIRED
configNLMCP_CONSENT_VERSION
configNLMCP_DISCORD_WEBHOOK_URL
configNLMCP_ENCRYPTION_ENABLED
🔐 secretNLMCP_ENCRYPTION_KEYbase64-32-bytes # Optional custom key
configNLMCP_ENCRYPTION_KEY_FILE
configNLMCP_FOLLOW_UP_ENABLED
configNLMCP_FOLLOW_UP_REMINDER
configNLMCP_HEALTH_CHECK_INTERVAL
configNLMCP_HEALTH_MONITORING
configNLMCP_LOCK_STALE_MS
configNLMCP_LOCK_TIMEOUT_MS
configNLMCP_PBKDF2_ITERATIONS
configNLMCP_PRIVACY_NOTICE_URL
configNLMCP_QUERY_LOG_DIR
configNLMCP_QUERY_LOG_ENABLED
configNLMCP_QUERY_LOG_RETENTION_DAYS
configNLMCP_RESPONSE_TIMEOUT_MS
configNLMCP_RESPONSE_VALIDATION
configNLMCP_SECRETS_BLOCKfalse # Block on detection
configNLMCP_SECRETS_IGNORE
configNLMCP_SECRETS_MIN_SEVERITY
configNLMCP_SECRETS_REDACTtrue # Auto-redact
configNLMCP_SECRETS_SCANNING
configNLMCP_SESSION_HARD_TIMEOUT
configNLMCP_SESSION_INACTIVITY1800 # 30 minutes
configNLMCP_SESSION_INACTIVITY_TIMEOUT
configNLMCP_SESSION_MAX_LIFETIME28800 # 8 hours
configNLMCP_SESSION_WARNING_BEFORE
🔐 secretNLMCP_SIEM_API_KEY
configNLMCP_SIEM_BATCH_SIZE
configNLMCP_SIEM_ENABLED
configNLMCP_SIEM_ENDPOINT
configNLMCP_SIEM_EVENT_TYPES
configNLMCP_SIEM_FLUSH_INTERVAL_MS
configNLMCP_SIEM_FORMAT
configNLMCP_SIEM_MIN_SEVERITY
configNLMCP_SIEM_QUEUE_MAX_SIZE
configNLMCP_SIEM_RETRY_ATTEMPTS
configNLMCP_SIEM_SYSLOG_HOST
configNLMCP_SIEM_SYSLOG_PORT
configNLMCP_SLACK_WEBHOOK_URL
🔐 secretNLMCP_USE_MACHINE_KEY
configNLMCP_USE_POST_QUANTUM
configNLMCP_WARN_SUSPICIOUS
configNLMCP_WEBHOOK_EVENTS
🔐 secretNLMCP_WEBHOOK_SECRET
configNLMCP_WEBHOOK_URL
configNOTEBOOKLM_DISABLED_TOOLSComma-separated list of tools to hide
configNOTEBOOKLM_NO_GEMINIv2026.1.11 Notebook sync extraction for new Angular UI, env var
configNOTEBOOKLM_PROFILEstandard # minimal (5 tools) standard (33 tools) full (all 47)
configNOTEBOOK_CLEANUP_ON_SHUTDOWN
configNOTEBOOK_CLEANUP_ON_STARTUP
configNOTEBOOK_CLONE_PROFILEtrue # Clone auth from base profile
configNOTEBOOK_CONTENT_TYPES
configNOTEBOOK_DESCRIPTION
configNOTEBOOK_INSTANCE_MAX_COUNT
configNOTEBOOK_INSTANCE_TTL_HOURS
configNOTEBOOK_PROFILE_STRATEGYisolated # isolatedsingleauto
configNOTEBOOK_TOPICS
configNOTEBOOK_URL
configNOTEBOOK_USE_CASES
configSESSION_TIMEOUT
configSTEALTH_ENABLED
configSTEALTH_HUMAN_TYPING
configSTEALTH_MOUSE_MOVEMENTS
configSTEALTH_RANDOM_DELAYS
configTEST_NOTEBOOK_URL
configTYPING_WPM_MAX
configTYPING_WPM_MIN
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 5 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/pantheon-security-notebooklm-mcp-secure-1afg7b)](https://m8ven.ai/mcp/pantheon-security-notebooklm-mcp-secure-1afg7b)
commit: 29730978b69f618615953f18a125e2ce28609bf3
code hash: 84068797a01c6827825aa06b96ff88bbfd888f34e61670a11e88a49d5967217a
verified: 4/18/2026, 6:49:11 PM
view raw JSON →