granola-sdk-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides integration patterns and documentation for connecting Granola with well-known, trusted services including Zapier, Notion, Slack, and HubSpot.
  • [PROMPT_INJECTION]: The skill describes automation workflows that ingest and process untrusted meeting data, creating a surface for indirect prompt injection.
      • Ingestion points: Workflow templates in SKILL.md ingest meeting content through placeholders such as {{note_content}}, {{summary}}, and {{action_items}}.
      • Boundary markers: There are no explicit boundary markers or delimiters defined in the templates to prevent the agent from obeying instructions potentially hidden in the ingested meeting notes.
      • Capability inventory: The skill specifies access to Bash(curl:*), Read, Write, and Edit tools in its YAML frontmatter.
      • Sanitization: No sanitization or filtering of the external meeting content is described before it is interpolated into downstream actions, such as the OpenAI email generation step.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 12:19 PM