cli
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill provides instructions to install the Pinecone CLI from GitHub Releases and a Homebrew tap (
pinecone-io/tap). While these are official Pinecone channels, the organization is not on the specific trusted sources list. - PROMPT_INJECTION (LOW): The skill creates an attack surface for indirect prompt injection through retrieved vector metadata.
- Ingestion points: Vector metadata is ingested into the agent's context through
pc index vector queryandpc index vector fetchas seen inSKILL.mdandreferences/command-reference.md. - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from executing instructions found within the retrieved metadata.
- Capability inventory: The agent is capable of executing shell commands, managing API keys, and performing destructive actions such as deleting indexes or entire organizations.
- Sanitization: The skill lacks any instructions for sanitizing or validating external content before processing.
Audit Metadata