granola-migration-deep-dive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs fetching exports from third-party services (e.g., "Otter.ai Export" and the Fireflies API curl example) and includes conversion scripts (convert_otter_to_granola, batch_convert) that read and parse user-generated transcripts/summaries—which the agent is expected to ingest and map into Granola fields—so untrusted third-party content could influence migration/import decisions.