← Back to Skills Marketplace
bholagabbar

Granola Meeting Notes (MCP)

by bholagabbar · GitHub ↗ · v1.1.0
cross-platform ✓ Security Clean
599
Downloads
1
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install granola-mcp
Description
Access Granola AI meeting notes via MCP (mcporter). Query meetings, list by date range, get full details, and pull verbatim transcripts. Use when the user as...
README (SKILL.md)

Granola MCP

Meeting notes AI connected via mcporter call granola.\x3Ctool>.

Tools

granola.query_granola_meetings  query=\x3Cstring> [document_ids=\x3Cuuid[]>]
granola.list_meetings           [time_range=this_week|last_week|last_30_days|custom] [custom_start=\x3CISO>] [custom_end=\x3CISO>]
granola.get_meetings            meeting_ids=\x3Cuuid[]>  (max 10)
granola.get_meeting_transcript  meeting_id=\x3Cuuid>

Usage Pattern

  1. For open-ended questions ("what did we discuss about X?"), use query_granola_meetings
  2. For listing meetings in a range, use list_meetings
  3. For full details on specific meetings, use get_meetings with IDs from list results
  4. For exact quotes or verbatim content, use get_meeting_transcript

Prefer query_granola_meetings over list+get for natural language questions. Responses include citation links (e.g. [[0]](url)). Preserve these in replies so the user can click through to original notes.

Setup

  1. Complete the Granola OAuth flow at https://mcp-auth.granola.ai/oauth2/authorize
  2. Save credentials to config/granola_oauth.json with keys: client_id, refresh_token, access_token, token_endpoint
  3. Configure config/mcporter.json with the Granola MCP server entry and Authorization: Bearer \x3Ctoken> header
  4. (Optional) Set up a cron job to run scripts/refresh_token.sh periodically, since OAuth tokens expire every ~6 hours

Auth & Token Refresh

If a call fails with 401/auth error:

bash {baseDir}/scripts/refresh_token.sh

The script reads config/granola_oauth.json, posts to the token endpoint (https://mcp-auth.granola.ai/oauth2/token), and updates both config/granola_oauth.json and config/mcporter.json with the new access token.

Then retry the call. If refresh also fails, the user needs to re-authenticate manually via the OAuth flow above.

Config Files

  • config/granola_oauth.json — OAuth credentials (client_id, refresh_token, access_token, token_endpoint). Contains secrets; do not commit.
  • config/mcporter.json — MCP server config with bearer token header. Contains secrets; do not commit.
Usage Guidance
This skill appears to do what it says: call Granola via the mcporter client and refresh OAuth tokens. Before installing: (1) ensure the mcporter binary you have is the legitimate client you expect; (2) create and store config/granola_oauth.json and config/mcporter.json in a secure location, set strict file permissions, and never commit them to version control; (3) inspect the refresh_token.sh script (it is small and readable) and consider removing or limiting its stdout output to avoid logging tokens on error; (4) only use the official token endpoint (don’t allow an untrusted token_endpoint value in the oauth config), and (5) if you schedule the script (cron), ensure the environment it runs in is isolated and monitored. These are operational cautions for any OAuth-based integration rather than indicators of malicious behavior.
Capability Analysis
Type: OpenClaw Skill Name: granola-mcp Version: 1.1.0 The OpenClaw skill bundle for Granola MCP is benign. It provides tools to access meeting notes and includes a script (`scripts/refresh_token.sh`) for OAuth token refresh. The script reads and updates local configuration files (`config/granola_oauth.json`, `config/mcporter.json`) and makes a `curl` request to the legitimate Granola OAuth token endpoint (`https://mcp-auth.granola.ai/oauth2/token`). All actions, including the `SKILL.md` instructions for the agent to execute the refresh script, are consistent with the stated purpose of managing API access and show no evidence of malicious intent such as data exfiltration to unauthorized endpoints, backdoor installation, or harmful prompt injection.
Capability Assessment
Purpose & Capability
Name/description (Granola via MCP) matches the declared binaries (mcporter, curl, bash, python3) and the included refresh script. Requiring mcporter is expected for MCP calls; curl/python3/bash are only used for the OAuth refresh helper and are proportionate to the stated purpose.
Instruction Scope
SKILL.md limits runtime actions to calling mcporter and running an OAuth refresh script when auth fails. The refresh script reads and updates only the two declared config files (config/granola_oauth.json and config/mcporter.json) and POSTs to the token endpoint listed in the OAuth config. That is within scope, but the script prints full error responses to stdout (which could leak sensitive info into logs) and a mistaken or malicious token_endpoint value in the config would cause refresh_token to be sent to an arbitrary endpoint—so user trust in the config values and log handling is important.
Install Mechanism
No install spec is provided and no remote downloads occur; this is an instruction-only skill with a small local script. There is no evidence of additional install-time network fetches or archives being written.
Credentials
No environment variables or unrelated credentials are requested. The skill requires two local config files that necessarily contain secrets (refresh_token, access_token, bearer header). This is appropriate for an OAuth-based integration, but it means the user must protect those files (permissions, not committing to VCS).
Persistence & Privilege
always:false and no changes to other skills or global agent settings. The script updates only its own declared config files. Optionally suggesting a cron job is normal but increases operational exposure if scheduled without safeguards.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install granola-mcp
  3. After installation, invoke the skill by name or use /granola-mcp
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Fix: declare required bins (bash/curl/python3/mcporter), declare config file paths, fix config path inconsistency in refresh script, remove unsupported cron claim, add setup instructions
v1.0.0
Initial release: query, list, get, and transcribe Granola AI meetings via MCP (mcporter)
Metadata
Slug granola-mcp
Version 1.1.0
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Granola Meeting Notes (MCP)?

Access Granola AI meeting notes via MCP (mcporter). Query meetings, list by date range, get full details, and pull verbatim transcripts. Use when the user as... It is an AI Agent Skill for Claude Code / OpenClaw, with 599 downloads so far.

How do I install Granola Meeting Notes (MCP)?

Run "/install granola-mcp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Granola Meeting Notes (MCP) free?

Yes, Granola Meeting Notes (MCP) is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Granola Meeting Notes (MCP) support?

Granola Meeting Notes (MCP) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Granola Meeting Notes (MCP)?

It is built and maintained by bholagabbar (@bholagabbar); the current version is v1.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments