Back to skill
Skillv1.1.0
VirusTotal security
Granola Meeting Notes (MCP) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:26 AM
- Hash
- 023aa1eb51e6ccbc9845cae51800fa02a3382bfcf36d35bc32f9333c4f1779e9
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: granola-mcp Version: 1.1.0 The OpenClaw skill bundle for Granola MCP is benign. It provides tools to access meeting notes and includes a script (`scripts/refresh_token.sh`) for OAuth token refresh. The script reads and updates local configuration files (`config/granola_oauth.json`, `config/mcporter.json`) and makes a `curl` request to the legitimate Granola OAuth token endpoint (`https://mcp-auth.granola.ai/oauth2/token`). All actions, including the `SKILL.md` instructions for the agent to execute the refresh script, are consistent with the stated purpose of managing API access and show no evidence of malicious intent such as data exfiltration to unauthorized endpoints, backdoor installation, or harmful prompt injection.
- External report
- View on VirusTotal