ClawHub

Granola Meeting Transcripts

Security checks across malware telemetry and agentic risk

Overview

This skill transparently syncs Granola meetings to local files using the user’s existing Granola desktop session token, with sensitive but purpose-aligned behavior.

Install only if you are comfortable with a local script using your signed-in Granola desktop session to download meeting history. Store the output folder somewhere protected, avoid syncing it to untrusted backups or shared folders, and only enable the cron job if you want ongoing background updates.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The setup section tells users to sync meeting transcripts, summaries, and notes to a local folder but does not warn that this may store sensitive business conversations and personal data unencrypted on disk. In a meeting-transcript context, local persistence materially increases confidentiality risk, especially on shared machines, backups, or systems with broad file access.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill states that authentication is read from a local Granola desktop app token file, but it does not clearly warn users that local app tokens will be reused to access cloud meeting data. Reusing desktop auth artifacts can surprise users, widen the blast radius of a compromised workstation, and may bypass normal expectations about explicit re-authentication or account scoping.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script silently uses a locally stored Granola access token to bulk export meeting metadata, transcripts, and notes, then writes that sensitive content to disk in a default folder. In the context of a skill that accesses meeting transcripts and notes, this is dangerous because it can expose highly confidential business or personal conversations without any explicit user consent prompt, scope restriction, or warning about local storage.

Credential Access

High
Category
Privilege Escalation
Content
def get_token():
    """Get access token from Granola's local auth file."""
    if not SUPABASE_PATH.exists():
        print(f"Error: Auth file not found at {SUPABASE_PATH}")
        print("Make sure Granola is installed and you're signed in.")
Confidence
97% confidence
Finding
access token

Credential Access

High
Category
Privilege Escalation
Content
token = tokens.get("access_token")
    
    if not token:
        print("Error: No access token found. Try signing into Granola again.")
        sys.exit(1)
    
    # Check expiration
Confidence
96% confidence
Finding
access token

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal