NotebookLM MCP Server (Security Hardened) provides a secure, feature-rich MCP implementation for managing NotebookLM notebooks and workflows without relying on an API key. It bundles enterprise-grade security layers, post-quantum encryption, and full Gemini/API integration options, enabling you to query notebooks, create and manage notebooks programmatically, generate audio and video overviews, and extract structured data tables from sources. The server exposes a suite of tools across core NotebookLM functionality (e.g., ask_question, create_notebook, generate_audio_overview) along with optional Gemini-based deep research capabilities and a Document API for uploading and querying PDFs. You can interact with the server via the MCP protocol, leveraging session management, quotas, and audit-friendly operations designed for enterprise use.

To use it, install via the recommended npx command and start the MCP server within your environment. Once running, you can call the included tools to query notebooks with source-grounded answers, programmatically create and organize notebooks, generate summaries and multimedia overviews, and export or query data tables. If you opt into Gemini Deep Research or the Document API, you’ll gain access to advanced research queries, document uploads, and cross-document querying, all while maintaining security and compliance postures.

Prerequisites:

• Node.js installed on your system (recommended latest LTS)
• Internet access to fetch the MCP package via npx

Installation steps:

1. Verify Node.js version: node -v npm -v
2. Install and start the NotebookLM MCP Server (Security Hardened) using npx: claude mcp add notebooklm -- npx @pan-sec/notebooklm-mcp@latest

   Alternatively, directly via npx:

   npx @pan-sec/notebooklm-mcp@latest
3. Follow on-screen prompts (if any) to complete setup, including credentials and initial authentication
4. Once started, note the MCP server name (notebooklm-secure) and use MCP clients to connect using the MCP protocol

Optional:

• Configure Gemini API key if you plan to use Gemini Deep Research features
• Enable Document API by providing necessary environment variables or configuration as documented in the repository

Additional tips:

• Keep the MCP package up to date with the latest security patches (use @latest or a known stable version)
• Review SECURITY.md and COMPLIANCE docs for organization-specific requirements

Tips and considerations:

• This MCP server emphasizes security: post-quantum encryption, audit logs, and secrets scanning as part of its 14-layer security model. Ensure you review the SECURITY.md for operational guidance.
• If you enable Gemini Deep Research, securely manage your GEMINI_API_KEY and restrict access to privileged users.
• The Document API allows uploading and querying PDFs without a browser—plan storage and retention policies accordingly.
• When using quotas and session tools, monitor usage to avoid unexpected throttling or data loss in long-running notebooks workflows.
• For enterprise deployments, consider integrating with your existing identity provider and logging/SIEM systems to maximize traceability.