granola

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows calls to the public Granola API (https://public-api.granola.ai/v1/notes) that explicitly retrieve meeting transcripts and AI/user-generated summaries (e.g., the "Get a Note with Transcript" / include=transcript flow), meaning the agent ingests untrusted user-generated third-party content that could contain instructions.