granola-webhooks-events

Facilitates event-driven automations using Granola webhooks for real-time notifications and custom integrations.

Install this skill

or

0/100

Security score

The granola-webhooks-events skill was audited on May 12, 2026 and we found 32 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 128

Template literal with variable interpolation in command context

SourceSKILL.md

128	console.log(`Meeting received: ${title} (${datetime})`);

medium line 150

Template literal with variable interpolation in command context

SourceSKILL.md

150	console.log(`External meeting: ${title}, ${actionItems.length} action items`);

medium line 155

Template literal with variable interpolation in command context

SourceSKILL.md

155	console.log(`Internal meeting: ${title}, ${actionItems.length} action items`);

medium line 208

Template literal with variable interpolation in command context

SourceSKILL.md

208	const noteId = `${req.body.title}-${req.body.datetime}`;

medium line 2

Webhook reference - potential data exfiltration

SourceSKILL.md

2	name: granola-webhooks-events

medium line 3

Webhook reference - potential data exfiltration

SourceSKILL.md

3	description: 'Build event-driven automations with Granola''s Zapier webhook triggers.

medium line 9

Webhook reference - potential data exfiltration

SourceSKILL.md

9	Trigger: "granola webhooks", "granola events", "granola triggers",

medium line 21

Webhook reference - potential data exfiltration

SourceSKILL.md

21	- webhooks

medium line 25

Webhook reference - potential data exfiltration

SourceSKILL.md

25	# Granola Webhooks & Events

medium line 28

Webhook reference - potential data exfiltration

SourceSKILL.md

28	Granola does not expose raw webhook endpoints. All event-driven automation flows through Zapier, which provides two trigger events. This skill covers the event model, webhook payload structure, event

medium line 33

Webhook reference - potential data exfiltration

SourceSKILL.md

33	- Optional: custom webhook endpoint (Express.js, FastAPI, or serverless function)

medium line 39

Webhook reference - potential data exfiltration

SourceSKILL.md

39	Granola fires events through Zapier triggers, not direct webhooks. Two triggers are available:

medium line 46

Webhook reference - potential data exfiltration

SourceSKILL.md

46	### Step 2 — Webhook Payload Structure

medium line 96

Webhook reference - potential data exfiltration

SourceSKILL.md

96	### Step 4 — Build a Custom Webhook Handler

low line 103

Webhook reference - potential data exfiltration

SourceSKILL.md

103	Action: Webhooks by Zapier — POST

low line 104

Webhook reference - potential data exfiltration

SourceSKILL.md

104	URL: https://your-api.com/webhooks/granola

low line 112

Webhook reference - potential data exfiltration

SourceSKILL.md

112	hmac: "{{your_webhook_secret}}"

low line 117

Webhook reference - potential data exfiltration

SourceSKILL.md

117	// webhook-handler.js

low line 122

Webhook reference - potential data exfiltration

SourceSKILL.md

122	app.post('/webhooks/granola', async (req, res) => {

low line 125

Webhook reference - potential data exfiltration

SourceSKILL.md

125	// Validate webhook (use HMAC or shared secret)

low line 158

Webhook reference - potential data exfiltration

SourceSKILL.md

158	app.listen(3000, () => console.log('Granola webhook handler running on :3000'));

low line 168

Webhook reference - potential data exfiltration

SourceSKILL.md

168	@app.post("/webhooks/granola")

medium line 196

Webhook reference - potential data exfiltration

SourceSKILL.md

196	\| Conditional \| Route by meeting type \| Zapier Paths or custom webhook with routing logic \|

medium line 201

Webhook reference - potential data exfiltration

SourceSKILL.md

201	Zapier handles retries automatically for failed actions. For custom webhooks:

low line 207

Webhook reference - potential data exfiltration

SourceSKILL.md

207	app.post('/webhooks/granola', async (req, res) => {

medium line 222

Webhook reference - potential data exfiltration

SourceSKILL.md

222	- Custom webhook handler processing events

medium line 232

Webhook reference - potential data exfiltration

SourceSKILL.md

232	\| Webhook timeout \| Handler takes > 30s \| Return 200 immediately, process async \|

medium line 237

Webhook reference - potential data exfiltration

SourceSKILL.md

237	- [Zapier Webhooks Documentation](https://zapier.com/help/create/code-webhooks)

low line 104

External URL reference

SourceSKILL.md

104	URL: https://your-api.com/webhooks/granola

low line 236

External URL reference

SourceSKILL.md

236	- [Zapier Granola Integration](https://zapier.com/apps/granola/integrations)

low line 237

External URL reference

SourceSKILL.md

237	- [Zapier Webhooks Documentation](https://zapier.com/help/create/code-webhooks)

low line 238

External URL reference

SourceSKILL.md

238	- [4 Ways to Automate Granola](https://zapier.com/blog/automate-granola/)

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categorymarketing

UpdatedMay 20, 2026

claude claude-code codex frontend design notion react docx api backend growth-marketer product-marketer customer-success-manager zapier marketing sales

jeremylongshore/claude-code-plugins-plus-skills