Skills
skills/sundial-org/awesome-openclaw-skills/granola/Gen Agent Trust Hub

granola

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses a sensitive local file at ~/Library/Application Support/Granola/supabase.json to retrieve authentication tokens for the Granola API. This is the intended purpose of the skill to enable data synchronization and is considered safe behavior for this context.
  • [EXTERNAL_DOWNLOADS]: The Python sync script communicates with api.granola.ai using the user's personal access tokens to fetch meeting metadata, transcripts, and summaries. This targets the official service provider and is part of the core functionality.
  • [COMMAND_EXECUTION]: The skill provides various bash and jq commands for listing, searching, and filtering meeting data stored on the local disk. These commands operate on the user's synchronized data and do not involve suspicious execution patterns.
  • [EXTERNAL_DOWNLOADS]: Requires the installation of the standard requests Python library to handle API communication.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 12:25 AM