npm - @pan-sec/notebooklm-mcp - Versions diffs - 2026.1.5 → 2026.1.6 - Mend

@pan-sec/notebooklm-mcp 2026.1.5 → 2026.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +106 -2
package/docs/MCP-DIRECTORY-LISTINGS.md +23 -116
package/docs/SECURITY-FORK-OPPORTUNITIES.md +79 -0
package/package.json +1 -1
package/server.json +2 -2

package/README.md CHANGED Viewed

@@ -580,9 +580,106 @@ Add to `~/.cursor/mcp.json`:
 ```
 </details>
+<details>
+<summary>Google Antigravity</summary>
+Add to `~/.gemini/antigravity/mcp_config.json` (macOS/Linux) or `%USERPROFILE%\.gemini\antigravity\mcp_config.json` (Windows):
+```json
+{
+  "mcpServers": {
+    "notebooklm": {
+      "command": "npx",
+      "args": ["-y", "@pan-sec/notebooklm-mcp@latest"]
+    }
+  }
+}
+```
+With optional env vars:
+```json
+{
+  "mcpServers": {
+    "notebooklm": {
+      "command": "npx",
+      "args": ["-y", "@pan-sec/notebooklm-mcp@latest"],
+      "env": {
+        "GEMINI_API_KEY": "your-gemini-api-key"
+      }
+    }
+  }
+}
+```
+> **Note:** Antigravity does NOT support `${workspaceFolder}` variables. Use absolute paths.
+</details>
+<details>
+<summary>OpenCode</summary>
+Add to `~/.config/opencode/opencode.json` (global) or `opencode.json` in project root:
+```json
+{
+  "$schema": "https://opencode.ai/config.json",
+  "mcp": {
+    "notebooklm": {
+      "type": "local",
+      "command": ["npx", "-y", "@pan-sec/notebooklm-mcp@latest"],
+      "enabled": true,
+      "environment": {
+        "GEMINI_API_KEY": "your-gemini-api-key"
+      }
+    }
+  }
+}
+```
+> **Note:** OpenCode uses `"mcp"` (not `"mcpServers"`) and `"command"` is an array.
+</details>
+<details>
+<summary>Windsurf</summary>
+Add to `~/.codeium/windsurf/mcp_config.json`:
+```json
+{
+  "mcpServers": {
+    "notebooklm": {
+      "command": "npx",
+      "args": ["-y", "@pan-sec/notebooklm-mcp@latest"],
+      "env": {
+        "GEMINI_API_KEY": "your-gemini-api-key"
+      }
+    }
+  }
+}
+```
+</details>
+<details>
+<summary>VS Code + Copilot</summary>
+Add to your VS Code `settings.json`:
+```json
+{
+  "mcp": {
+    "servers": {
+      "notebooklm": {
+        "command": "npx",
+        "args": ["-y", "@pan-sec/notebooklm-mcp@latest"],
+        "env": {
+          "GEMINI_API_KEY": "your-gemini-api-key"
+        }
+      }
+    }
+  }
+}
+```
+</details>
 <details>
 <summary>Other MCP Clients</summary>
+Most MCP clients use this standard format:
 ```json
 {
   "mcpServers": {
@@ -590,14 +687,21 @@ Add to `~/.cursor/mcp.json`:
       "command": "npx",
       "args": ["-y", "@pan-sec/notebooklm-mcp@latest"],
       "env": {
-        "NLMCP_AUTH_ENABLED": "true",
-        "NLMCP_AUTH_TOKEN": "your-secure-token",
         "GEMINI_API_KEY": "your-gemini-api-key"
       }
     }
   }
 }
 ```
+**Common config locations:**
+| Client | Config File |
+|--------|-------------|
+| Claude Desktop | `~/.config/claude/claude_desktop_config.json` |
+| Cursor | `~/.cursor/mcp.json` |
+| Antigravity | `~/.gemini/antigravity/mcp_config.json` |
+| OpenCode | `~/.config/opencode/opencode.json` |
+| Windsurf | `~/.codeium/windsurf/mcp_config.json` |
 </details>
 ---

package/docs/MCP-DIRECTORY-LISTINGS.md CHANGED Viewed

@@ -10,39 +10,15 @@ Track where `@pan-sec/notebooklm-mcp` is listed and submission progress.
 | Directory | Status | URL | Notes |
 |-----------|--------|-----|-------|
+| [Official MCP Registry](https://registry.modelcontextprotocol.io/) | ✅ Listed | io.github.Pantheon-Security/notebooklm-mcp-secure | Published 2026-01-24 |
 | [Glama.ai](https://glama.ai/mcp/servers) | ✅ Listed | [View Listing](https://glama.ai/mcp/servers/@Pantheon-Security/notebooklm-mcp-secure) | Auto-indexed from GitHub |
-| [awesome-mcp-servers](https://github.com/punkpeye/awesome-mcp-servers) | ⚠️ Partial | chrome-mcp-secure only | Need to add notebooklm-mcp-secure |
+| [PulseMCP](https://www.pulsemcp.com/servers) | ✅ Listed | [View Listing](https://www.pulsemcp.com/servers/pantheon-security-notebooklm-secure) | Auto-indexed, #601 this week |
+| [awesome-mcp-servers](https://github.com/punkpeye/awesome-mcp-servers) | ⏳ PR Pending | [PR #1735](https://github.com/punkpeye/awesome-mcp-servers/pull/1735) | Submitted 2026-01-24 |
 ---
 ## Pending Submissions
-### Priority 1: High Impact
-#### Official MCP Registry
-- **URL:** https://registry.modelcontextprotocol.io/
-- **Submit via:** PR to https://github.com/modelcontextprotocol/registry
-- **Status:** ⏳ Not submitted
-- **Notes:** Official registry backed by Anthropic, GitHub, Microsoft. High visibility.
-- **Submission Guide:** https://registry.modelcontextprotocol.io/docs
-#### awesome-mcp-servers (Add notebooklm)
-- **URL:** https://github.com/punkpeye/awesome-mcp-servers
-- **Submit via:** Pull Request
-- **Status:** ⏳ Not submitted
-- **Notes:** Already have chrome-mcp-secure listed. Add notebooklm under "Knowledge & Memory" section.
-- **Entry to add:**
-```markdown
-- [notebooklm-mcp-secure](https://github.com/Pantheon-Security/notebooklm-mcp-secure) - Security-hardened NotebookLM MCP with post-quantum encryption, GDPR/SOC2 compliance, and 14 security layers. Query Google's Gemini-grounded research from Claude/AI agents.
-```
-#### PulseMCP
-- **URL:** https://www.pulsemcp.com/servers
-- **Size:** 7,900+ servers (largest directory)
-- **Submit via:** Auto-indexed from npm/GitHub or manual submission
-- **Status:** ⏳ Not submitted
-- **Notes:** Check if auto-indexed. If not, contact for listing.
 ### Priority 2: Good Visibility
 #### MCP.so
@@ -57,18 +33,19 @@ Track where `@pan-sec/notebooklm-mcp` is listed and submission progress.
 - **Status:** ⏳ Not submitted
 - **Notes:** Has original notebooklm-mcp, not secure fork.
-#### Smithery.ai
-- **URL:** https://smithery.ai/
-- **Submit via:** Smithery CLI or web submission
-- **Status:** ⏳ Not submitted
-- **CLI:** `npx @anthropic-ai/mcp-registry add`
 #### mcp-get.com
 - **URL:** https://mcp-get.com/
 - **Submit via:** Package registry submission
 - **Status:** ⏳ Not submitted
 - **Notes:** Package manager style directory.
+### Requires Hosted Server
+#### Smithery.ai
+- **URL:** https://smithery.ai/
+- **Status:** ❌ Requires remote hosting
+- **Notes:** Server/Client style MCP. Would need to deploy notebooklm-mcp as a hosted service.
 ### Priority 3: Niche/Emerging
 #### Azure API Center
@@ -85,99 +62,29 @@ Track where `@pan-sec/notebooklm-mcp` is listed and submission progress.
 ---
-## Submission Templates
-### GitHub PR Template (awesome lists)
-```markdown
-## Add notebooklm-mcp-secure
-### Description
-Adding security-hardened NotebookLM MCP server to the Knowledge & Memory section.
-### Server Details
-- **Name:** notebooklm-mcp-secure
-- **GitHub:** https://github.com/Pantheon-Security/notebooklm-mcp-secure
-- **npm:** @pan-sec/notebooklm-mcp
-- **Category:** Knowledge & Memory / Research
-### Features
-- Query Google NotebookLM from Claude/AI agents
-- Post-quantum encryption (ML-KEM-768 + ChaCha20-Poly1305)
-- GDPR, SOC2, CSSF compliance tools
-- 14 security hardening layers
-- Gemini Deep Research API integration
-### Checklist
-- [x] Server is open source
-- [x] Server is actively maintained
-- [x] Server has documentation
-- [x] Server is published on npm
-```
-### Registry JSON Template
-```json
-{
-  "name": "@pan-sec/notebooklm-mcp",
-  "description": "Security-hardened MCP server for NotebookLM with post-quantum encryption and enterprise compliance",
-  "repository": "https://github.com/Pantheon-Security/notebooklm-mcp-secure",
-  "homepage": "https://github.com/Pantheon-Security/notebooklm-mcp-secure#readme",
-  "keywords": [
-    "mcp",
-    "notebooklm",
-    "gemini",
-    "security",
-    "post-quantum",
-    "gdpr",
-    "soc2",
-    "compliance",
-    "claude"
-  ],
-  "categories": ["research", "knowledge", "security"],
-  "author": "Pantheon Security",
-  "license": "MIT"
-}
-```
----
-## Tracking Progress
+## Completed
-### Completed
+- [x] Official MCP Registry - Published 2026-01-24
 - [x] Glama.ai - Auto-listed
-### In Progress
-- [ ] awesome-mcp-servers PR
-- [ ] Official MCP Registry submission
-- [ ] PulseMCP check/submission
-### Backlog
-- [ ] MCP.so
-- [ ] MCPServers.org
-- [ ] Smithery.ai
-- [ ] mcp-get.com
+- [x] PulseMCP - Auto-indexed
+- [x] awesome-mcp-servers - PR #1735 submitted
 ---
-## Tips for Submissions
+## Related Projects
-1. **Timing:** Submit after a notable release (like security updates)
-2. **Description:** Lead with security angle - differentiator from original
-3. **Keywords:** Include "security", "enterprise", "compliance", "post-quantum"
-4. **Screenshots:** Consider adding demo GIFs to README for visual directories
-5. **Stars:** 14 stars shows traction - mention in submissions
+| Project | Directories Listed |
+|---------|-------------------|
+| [chrome-mcp-secure](https://github.com/Pantheon-Security/chrome-mcp-secure) | awesome-mcp-servers ✅ |
+| [notebooklm-mcp-secure](https://github.com/Pantheon-Security/notebooklm-mcp-secure) | Official Registry ✅, Glama ✅, PulseMCP ✅ |
 ---
-## Related Projects to Cross-List
-Also submit these Pantheon Security MCP servers:
+## Stats
-| Project | Directories Listed |
-|---------|-------------------|
-| [chrome-mcp-secure](https://github.com/Pantheon-Security/chrome-mcp-secure) | awesome-mcp-servers ✅ |
-| [notebooklm-mcp-secure](https://github.com/Pantheon-Security/notebooklm-mcp-secure) | Glama ✅ |
+- **PulseMCP Rank:** #601 this week, #3,227 global
+- **GitHub Stars:** 14
+- **npm:** @pan-sec/notebooklm-mcp v2026.1.5
 ---

package/docs/SECURITY-FORK-OPPORTUNITIES.md ADDED Viewed

@@ -0,0 +1,79 @@
+# Security Fork Opportunities
+MCP servers that could benefit from Pantheon Security hardening.
+**Last Updated:** 2026-01-24
+---
+## High Priority (High Traffic + High Risk)
+| Rank | Server | Weekly Visitors | Security Gaps | Effort |
+|------|--------|-----------------|---------------|--------|
+| #4 | **Filesystem** (Anthropic) | 193K | No sandboxing, no path validation, no audit logging | Medium |
+| #18 | **PostgreSQL** (Anthropic) | 31.8K | SQL injection risk, no query validation, no audit trails | Medium |
+| #17 | **MongoDB** (MongoDB Inc.) | 35.6K | NoSQL injection, data exfiltration, no encryption | Medium |
+| #12 | **Git** (Anthropic) | 66.8K | Command execution, credential exposure, repo tampering | Medium |
+| #19 | **Supabase** (Supabase) | 40.5K | Database + auth, credential exposure, API key leaks | High |
+---
+## Medium Priority (Good Traffic + Moderate Risk)
+| Rank | Server | Weekly Visitors | Security Gaps | Effort |
+|------|--------|-----------------|---------------|--------|
+| #3 | **Fetch** (Anthropic) | 249K | URL validation, SSRF risks, data exfiltration | Low |
+| #7 | **Claude Flow** (ruvnet) | 163K | Agent orchestration, prompt injection, privilege escalation | High |
+| #8 | **Playwriter** (Community) | 129K | Browser automation, credential capture, DOM injection | Medium |
+| #20 | **Notion** (Notion) | 26.7K | API key exposure, data access logging | Low |
+| #16 | **Zapier** (Zapier) | 48.9K | 8000+ app integrations, credential management | High |
+---
+## Already Covered
+| Server | Pantheon Fork | Status |
+|--------|---------------|--------|
+| Chrome/Playwright | [chrome-mcp-secure](https://github.com/Pantheon-Security/chrome-mcp-secure) | ✅ Published |
+| NotebookLM | [notebooklm-mcp-secure](https://github.com/Pantheon-Security/notebooklm-mcp-secure) | ✅ Published |
+---
+## Security Layers to Add
+Standard Pantheon Security hardening:
+1. **Input Validation** - Zod schemas, path traversal prevention
+2. **Audit Logging** - Hash-chained logs, SIEM integration
+3. **Post-Quantum Encryption** - ML-KEM-768 + ChaCha20-Poly1305
+4. **Credential Protection** - Secrets scanning, memory scrubbing
+5. **Rate Limiting** - Abuse prevention
+6. **Compliance Tools** - GDPR consent, SOC2 evidence, CSSF retention
+7. **Session Security** - Timeouts, MCP authentication
+8. **Response Validation** - Output sanitization
+---
+## Recommended First Target
+**filesystem-mcp-secure**
+- Highest risk (direct file system access)
+- Large user base (193K weekly)
+- Clear value prop: "Secure file access with sandboxing and audit trails"
+- Anthropic's official = credibility for fork
+---
+## Research Links
+| Server | GitHub |
+|--------|--------|
+| Filesystem | https://github.com/modelcontextprotocol/servers/tree/main/src/filesystem |
+| PostgreSQL | https://github.com/modelcontextprotocol/servers/tree/main/src/postgres |
+| Git | https://github.com/modelcontextprotocol/servers/tree/main/src/git |
+| MongoDB | https://github.com/mongodb/mcp-server |
+| Fetch | https://github.com/modelcontextprotocol/servers/tree/main/src/fetch |
+---
+*Track progress and prioritize based on enterprise customer demand.*

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@pan-sec/notebooklm-mcp",
-  "version": "2026.1.5",
+  "version": "2026.1.6",
   "mcpName": "io.github.Pantheon-Security/notebooklm-mcp-secure",
   "description": "Security-hardened MCP server for NotebookLM API with enterprise compliance (GDPR, SOC2, CSSF)",
   "type": "module",

package/server.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
   "name": "io.github.Pantheon-Security/notebooklm-mcp-secure",
   "description": "Security-hardened NotebookLM MCP with post-quantum encryption",
-  "version": "2026.1.5",
+  "version": "2026.1.6",
   "repository": {
     "url": "https://github.com/Pantheon-Security/notebooklm-mcp-secure",
     "source": "github"
@@ -11,7 +11,7 @@
     {
       "registryType": "npm",
       "identifier": "@pan-sec/notebooklm-mcp",
-      "version": "2026.1.5",
+      "version": "2026.1.6",
       "transport": {
         "type": "stdio"
       }