granola-webhooks-events

Facilitates event-driven automations using Granola webhooks for real-time notifications and custom integrations.

Install this skill

or

0/100

Security score

The granola-webhooks-events skill was audited on May 23, 2026 and we found 32 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 136

Template literal with variable interpolation in command context

SourceSKILL.md

136	console.log(`Meeting received: ${title} (${datetime})`);

medium line 158

Template literal with variable interpolation in command context

SourceSKILL.md

158	console.log(`External meeting: ${title}, ${actionItems.length} action items`);

medium line 163

Template literal with variable interpolation in command context

SourceSKILL.md

163	console.log(`Internal meeting: ${title}, ${actionItems.length} action items`);

medium line 217

Template literal with variable interpolation in command context

SourceSKILL.md

217	const noteId = `${req.body.title}-${req.body.datetime}`;

medium line 2

Webhook reference - potential data exfiltration

SourceSKILL.md

2	name: granola-webhooks-events

medium line 3

Webhook reference - potential data exfiltration

SourceSKILL.md

3	description: 'Build event-driven automations with Granola''s Zapier webhook triggers.

medium line 9

Webhook reference - potential data exfiltration

SourceSKILL.md

9	Trigger: "granola webhooks", "granola events", "granola triggers",

medium line 21

Webhook reference - potential data exfiltration

SourceSKILL.md

21	- webhooks

medium line 25

Webhook reference - potential data exfiltration

SourceSKILL.md

25	# Granola Webhooks & Events

medium line 29

Webhook reference - potential data exfiltration

SourceSKILL.md

29	Granola does not expose raw webhook endpoints. All event-driven automation flows through Zapier, which provides two trigger events. This skill covers the event model, webhook payload structure, event

medium line 35

Webhook reference - potential data exfiltration

SourceSKILL.md

35	- Optional: custom webhook endpoint (Express.js, FastAPI, or serverless function)

medium line 41

Webhook reference - potential data exfiltration

SourceSKILL.md

41	Granola fires events through Zapier triggers, not direct webhooks. Two triggers are available:

medium line 48

Webhook reference - potential data exfiltration

SourceSKILL.md

48	### Step 2 — Webhook Payload Structure

medium line 103

Webhook reference - potential data exfiltration

SourceSKILL.md

103	### Step 4 — Build a Custom Webhook Handler

low line 110

Webhook reference - potential data exfiltration

SourceSKILL.md

110	Action: Webhooks by Zapier — POST

low line 111

Webhook reference - potential data exfiltration

SourceSKILL.md

111	URL: https://your-api.com/webhooks/granola

low line 119

Webhook reference - potential data exfiltration

SourceSKILL.md

119	hmac: "{{your_webhook_secret}}"

low line 125

Webhook reference - potential data exfiltration

SourceSKILL.md

125	// webhook-handler.js

low line 130

Webhook reference - potential data exfiltration

SourceSKILL.md

130	app.post('/webhooks/granola', async (req, res) => {

low line 133

Webhook reference - potential data exfiltration

SourceSKILL.md

133	// Validate webhook (use HMAC or shared secret)

low line 166

Webhook reference - potential data exfiltration

SourceSKILL.md

166	app.listen(3000, () => console.log('Granola webhook handler running on :3000'));

low line 177

Webhook reference - potential data exfiltration

SourceSKILL.md

177	@app.post("/webhooks/granola")

medium line 205

Webhook reference - potential data exfiltration

SourceSKILL.md

205	\| Conditional \| Route by meeting type \| Zapier Paths or custom webhook with routing logic \|

medium line 210

Webhook reference - potential data exfiltration

SourceSKILL.md

210	Zapier handles retries automatically for failed actions. For custom webhooks:

low line 216

Webhook reference - potential data exfiltration

SourceSKILL.md

216	app.post('/webhooks/granola', async (req, res) => {

medium line 232

Webhook reference - potential data exfiltration

SourceSKILL.md

232	- Custom webhook handler processing events

medium line 242

Webhook reference - potential data exfiltration

SourceSKILL.md

242	\| Webhook timeout \| Handler takes > 30s \| Return 200 immediately, process async \|

medium line 248

Webhook reference - potential data exfiltration

SourceSKILL.md

248	- [Zapier Webhooks Documentation](https://zapier.com/help/create/code-webhooks)

low line 111

External URL reference

SourceSKILL.md

111	URL: https://your-api.com/webhooks/granola

low line 247

External URL reference

SourceSKILL.md

247	- [Zapier Granola Integration](https://zapier.com/apps/granola/integrations)

low line 248

External URL reference

SourceSKILL.md

248	- [Zapier Webhooks Documentation](https://zapier.com/help/create/code-webhooks)

low line 249

External URL reference

SourceSKILL.md

249	- [4 Ways to Automate Granola](https://zapier.com/blog/automate-granola/)

Scanned on May 23, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.4K

Rate this skill

Categorymarketing

UpdatedJune 15, 2026

claude claude-code codex frontend design notion react docx api backend growth-marketer product-marketer customer-success-manager zapier marketing sales

jeremylongshore/claude-code-plugins-plus-skills