granola
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill's operations, including command execution and local network calls, are consistent with its primary purpose and leverage the author's own local tools.
- [COMMAND_EXECUTION]: The skill executes the local 'granola' CLI and 'curl' to manage meeting data and transmit event notifications to a local service. These actions are transparently documented as core functionality.
- [DATA_EXFILTRATION]: While the skill processes sensitive meeting content and sends data to an Inngest service, it targets 'http://localhost:8288'. This local network operation does not constitute external data exfiltration.
- [PROMPT_INJECTION]: The skill processes external meeting transcripts, which creates a surface for indirect prompt injection.
- Ingestion points: Verbatim meeting transcripts and notes are ingested via the 'granola meeting' and 'granola search' commands.
- Boundary markers: No explicit markers or instructions to ignore embedded content are defined for the processed transcript data.
- Capability inventory: The skill can execute local binary commands and perform network requests to the local host.
- Sanitization: No explicit sanitization of transcript content is performed prior to processing.
Audit Metadata