obsidian-granola

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches AI summaries and verbatim meeting transcripts from Granola via the Granola MCP tools (mcp_granola_get_meetings and mcp_granola_get_meeting_transcript), which are untrusted, user-generated third‑party content that the agent reads and uses to generate titles, frontmatter, notes, and subsequent file actions — creating a clear path for indirect prompt injection.