skills/jeremylongshore/claude-code-plugins-plus-skills/granola-migration-deep-dive/Gen Agent Trust Hub
granola-migration-deep-dive
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python scripts (convert_otter_to_granola, batch_convert) to automate file conversion between formats. These scripts utilize standard libraries for file system operations.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted meeting transcripts and interpolates them into Markdown notes without sanitization or protective delimiters.
  - Ingestion points: The file reading functions in the provided Python conversion scripts in SKILL.md.
  - Boundary markers: The generated Markdown templates do not include markers or instructions to disregard embedded commands.
  - Capability inventory: The skill is granted Read, Write, and Edit permissions, which allows it to modify files in the workspace based on the processed data.
  - Sanitization: No input validation or character escaping is performed on the transcript content before it is processed.