granola-security-basics
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a security implementation guide for protected data handling. No prompt injection or safety bypass instructions were identified.
- [SAFE]: The skill contains no hardcoded credentials or sensitive file path access. External links are verified as official security and trust center pages for Granola.
- [SAFE]: No obfuscation, dynamic code generation, or remote script downloads are present.
- [SAFE]: Regarding indirect prompt injection: 1. Ingestion points: Assessment of security configurations and review of meeting notes (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Read, Write, and Edit tools for file management. 4. Sanitization: Absent. The surface is consistent with the skill's purpose of security auditing and data redaction.
Audit Metadata