pinecone-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of Markdown documentation providing a reference for Pinecone MCP tools. There are no scripts, binaries, or executable components included.
- EXTERNAL_DOWNLOADS (SAFE): The file contains a link to official documentation (docs.pinecone.io), which is a reputable and trusted source. No automated downloads or package installations are initiated.
- DATA_EXFILTRATION (SAFE): No sensitive file access, credential usage, or unauthorized network operations are present in the skill.
- INDIRECT_PROMPT_INJECTION (LOW): The tools described process external data (records and search queries), which is a standard surface for indirect injection. However, as this is a documentation reference rather than an implementation, the risk is inherent to the underlying Pinecone service rather than the skill itself.
Audit Metadata