Skip to content

Pantheon-Security/notebooklm-mcp-secure

v2026.1.7 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 4mo MCP Security & Auth
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

ai automation browser-automation claude google llm
+5 more
mcp model-context-protocol notebooklm research typescript

Affected surfaces

deps

Summary

AI summary

Session‑scoped OTP cooldowns close an abuse vector and usage alerts warn owners before billing caps hit.

Full changelog

What's New in v2026.1.7

Features - MCP Protocol UX Enhancements

Tool Enhancements (43 tools)

  • 🎨 Icons - All tools now have SVG icons for visual identification
  • 📝 Titles - Human-friendly display names (e.g., "Ask NotebookLM" instead of "ask_question")
  • 🏷️ Behavior Annotations - Hints for client decision-making:
    • readOnlyHint - Tool only reads data
    • destructiveHint - Tool can delete data
    • idempotentHint - Safe to call repeatedly
    • openWorldHint - Interacts with external services
  • ⏱️ Task Support - deep_research declares taskSupport: "optional" for long-running operations

Resource Enhancements

  • 🎨 Icons for library, notebooks, and metadata resources
  • 📝 Human-friendly titles
  • 🏷️ Annotations with audience, priority, and lastModified

New Prompts

  • notebooklm.auth-setup - Initial authentication guide
  • notebooklm.auth-repair - Troubleshooting guide
  • notebooklm.quick-start - Getting started guide
  • notebooklm.security-overview - Security features documentation

Dependencies Updated

  • @modelcontextprotocol/sdk → 1.25.3
  • @google/genai → 1.38.0
  • patchright → 1.57.0
  • tsx → 4.21.0

Security

  • Fixed 3 npm audit vulnerabilities (body-parser, hono, qs)

Full Changelog

https://github.com/Pantheon-Security/notebooklm-mcp-secure/compare/v2026.1.6...v2026.1.7

Security Fixes

  • Authflow cooldowns now session-scoped — closes abuse vector where users changed phone/email mid-flow to reset OTP cooldowns
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Pantheon-Security/notebooklm-mcp-secure

Get notified when new releases ship.

Sign up free

About Pantheon-Security/notebooklm-mcp-secure

Security-hardened NotebookLM MCP with post-quantum encryption (ML-KEM-768), GDPR/SOC2/CSSF compliance, and 14 security layers. Query Google's Gemini-grounded research from Claude and AI agents.

All releases →

Related context

Beta — feedback welcome: [email protected]