granola-incident-runbook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs fetching and checking public endpoints (e.g., "curl -s https://status.granola.ai/api/v2/status.json" in SKILL.md and references/implementation.md) and uses that external status content to determine severity and next actions, so it ingests untrusted third-party web content that can influence decisions.