pinecone-assistant

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads local files from the filesystem and uploads them to the official Pinecone service for indexing. This is a core component of the skill's primary functionality and targets the vendor's own infrastructure.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates untrusted content from indexed documents into the agent's chat responses.
      • Ingestion points: Documents are read from the local file system using the --source argument in scripts/upload.py and scripts/sync.py.
      • Boundary markers: No explicit delimiters or safety instructions are applied to the document content before it is indexed or retrieved.
      • Capability inventory: The skill possesses filesystem read access and network access to the Pinecone API.
      • Sanitization: No sanitization or filtering of document content is performed by the scripts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 10:57 AM