granola-deploy-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly describes ingesting and parsing user-generated content from third-party services (e.g., Zapier recipes and the "Multi-Integration Workflows" that read "New Granola Note", Slack/Notion pages, and HubSpot contacts — including parsing @mentions, due dates, and attendee domains) so that that external content directly drives automation and decisions.