Skills
skills/lox/granola-cli/granola/Gen Agent Trust Hub

granola

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill suggests installing the granola-cli tool from the author's GitHub repository (github.com/lox/granola-cli).
  • [COMMAND_EXECUTION]: The skill utilizes the granola-cli bash tool to retrieve and manage meeting data.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by processing external data from meeting transcripts and notes.
  • Ingestion points: Meeting content is retrieved via granola-cli query, meetings view, and meetings transcript commands as defined in SKILL.md.
  • Boundary markers: No specific delimiters or instructions are used to separate meeting content from agent instructions.
  • Capability inventory: The skill is authorized to execute Bash commands within the granola-cli:* scope.
  • Sanitization: There is no evidence of content sanitization or filtering before the data is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 07:05 AM