Skills
skills/elliotjlt/claude-skill-potions/granola-sync/Gen Agent Trust Hub

granola-sync

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash to read the Granola application's local cache file (~/Library/Application Support/Granola/cache-v3.json). This access is necessary for the skill to extract meeting metadata and notes for syncing.
  • [PROMPT_INJECTION]: The skill processes user-pasted transcripts, which constitutes an indirect prompt injection surface.
  • Ingestion points: Pasted transcript content in the manual formatting section of SKILL.md.
  • Boundary markers: No delimiters or ignore-instructions are used to isolate user data.
  • Capability inventory: The skill uses bash for file reading and file for writing markdown files.
  • Sanitization: No sanitization is performed on the input data before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:34 AM