pinecone-cli
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill instructions include downloading the Pinecone CLI from GitHub and Homebrew via
pinecone-iorepositories. Since this organization is not on the explicit list of trusted sources, it is classified as an external download from an unverified source. The severity is kept at LOW because these are the legitimate distribution channels for the service the skill is intended to support. - [COMMAND_EXECUTION] (LOW): The skill enables an agent to perform administrative tasks such as creating, updating, and deleting Pinecone indexes, vectors, and API keys. Highly destructive commands like
pc organization deleteare included. These capabilities are within the scope of the skill's primary purpose but pose a risk if executed without proper guardrails.
Audit Metadata