sales-granola

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs polling the Granola public API (https://public-api.granola.ai/v1 — e.g., GET /notes and GET /notes/{id}?include=transcript in "Workflow 3: API integration for custom pipeline" and references/platform-guide.md) to fetch user-generated meeting summaries and transcripts and to parse them into downstream pipelines, so untrusted third-party content can be read and materially influence actions.