CtrlK
BlogDocsLog inGet started
Tessl Logo

granola-security-basics

Security and privacy configuration for Granola meeting data. Use when reviewing data handling practices, configuring encryption, ensuring SOC 2/GDPR compliance, or securing meeting recordings. Trigger: "granola security", "granola privacy", "granola encryption", "granola SOC 2", "granola GDPR", "secure granola".

67

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is well-structured and actionable with concrete settings paths and commands, but it is held back by an unreferenced, duplicative bundle file, missing validation checkpoints in the configuration flow, and a time-sensitive date outside a deprecated section.

Suggestions

Reference references/security-controls.md from the body (e.g., a "## Detailed controls" section linking to it) and move the duplicated sharing matrix, sensitive-meeting checklist, and compliance tables out of SKILL.md into that file to avoid inline duplication.

Add explicit validation checkpoints to the configuration workflow (e.g., "Verify SSO login succeeds before proceeding", "Confirm retention policy applied to a test workspace") since data-retention and deletion settings are mildly destructive.

Move the "July 2025" SOC 2 certification date into a clearly labeled status/deprecation-aware section, or phrase it without a hard date, so time-sensitive facts do not silently go stale.

DimensionReasoningScore

Conciseness

Largely efficient and Granola-specific, but includes a time-sensitive date ("SOC 2 Type 2 certification in July 2025") outside a deprecated/old-patterns section and some general consent-law explanation Claude already knows, so it does not fully earn the lean-and-efficient top anchor.

2 / 3

Actionability

Provides concrete, copy-paste-ready guidance: specific settings paths ("Settings > Security > SSO"), an executable command ("chmod 600 \"$HOME/Library/Application Support/Granola/cache-v3.json\""), and a ready-to-use consent notice. As an instruction-only skill, the actionable guidance is complete.

3 / 3

Workflow Clarity

Steps are clearly sequenced (Step 1–6) and an Error Handling table offers cause→fix feedback, but the main flow lacks explicit validation checkpoints despite retention/deletion being mildly destructive, capping it below the top anchor.

2 / 3

Progressive Disclosure

A bundle file references/security-controls.md exists but is never referenced or signaled from the body, and its content (sharing matrix, sensitive protocol, retention, compliance) is duplicated inline in the body — content that should be split out remains inline.

2 / 3

Total

9

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is strong: it states concrete capabilities, includes an explicit Use-when clause with natural trigger phrases, and is scoped to a distinct niche that minimizes conflict risk. No significant weaknesses identified.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — "configuring encryption", "ensuring SOC 2/GDPR compliance", "securing meeting recordings", "reviewing data handling practices" — rather than vague language, matching the "lists multiple specific concrete actions" anchor.

3 / 3

Completeness

Explicitly answers both what ("Security and privacy configuration for Granola meeting data") and when ("Use when reviewing data handling practices...") with an explicit Use-when clause and trigger terms.

3 / 3

Trigger Term Quality

Trigger phrases like "granola security", "granola privacy", and "secure granola" are natural terms a user would say when needing this skill, giving good coverage of common variations.

3 / 3

Distinctiveness Conflict Risk

Scoped to a distinct product niche ("Granola meeting data") with triggers all containing "granola", making it unlikely to fire for unrelated skills.

3 / 3

Total

12

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

allowed_tools_field

'allowed-tools' contains unusual tool name(s)

Warning

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

14

/

16

Passed

Repository
jeremylongshore/claude-code-plugins-plus-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.