pinecone
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill references the
pinecone-clientPython package in the YAML dependency list and installation instructions. While this is a well-known library, it is unversioned, which is a minor best-practice violation. - DATA_EXFILTRATION (LOW): The skill's code snippets initiate network requests to Pinecone API endpoints (pinecone.io) and specific cloud regions (e.g., us-east-1). These destinations are not included in the trusted domain whitelist.
- PROMPT_INJECTION (LOW): The skill provides the capability to query external vector data, creating an Indirect Prompt Injection surface. Ingestion points: Results from
index.query()inSKILL.md. Boundary markers: None identified in the provided snippets. Capability inventory: Limited to Pinecone API operations; no direct OS command execution or local file modification. Sanitization: No evidence of metadata sanitization or validation is present in the examples.
Audit Metadata