pinecone
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the
membraneCLI tool for all Pinecone interactions, including connection setup and action execution. These commands are executed in the local shell environment to facilitate the integration. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the NPM registry. This is a verified vendor resource from the skill's authoring organization and is necessary for the intended functionality. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingest data from external Pinecone indexes and processes it through CLI commands.
- Ingestion points: Data retrieved via
membrane action runandmembrane requestin SKILL.md. - Boundary markers: Not present.
- Capability inventory: Shell command execution capabilities via the
membraneCLI. - Sanitization: No specific sanitization logic is described in the skill for processing external database content.
Audit Metadata