pinecone
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs official client libraries for Pinecone ('@pinecone-database/pinecone', 'pinecone-client') and OpenAI ('openai') from standard package registries. These are verified well-known services.
- [PROMPT_INJECTION]: The RAG pipeline in 'rag.js' presents an indirect prompt injection surface.
- Ingestion points: Data retrieved from the vector database via 'index.query' is directly included in the LLM prompt.
- Boundary markers: The implementation lacks delimiters or instructions to ignore embedded commands within the retrieved context.
- Capability inventory: The skill provides full index management and vector operations.
- Sanitization: There is no evidence of content sanitization or validation for the retrieved metadata before it is interpolated into the system prompt.
Audit Metadata