pinecone-rag

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Tags: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a Retrieval-Augmented Generation (RAG) pipeline that is vulnerable to indirect prompt injection.
  • Ingestion points: The rag_answer function in SKILL.md retrieves content from the Pinecone index (hits) and merges it into the LLM's system prompt as context.
  • Boundary markers: The code uses simple newline separation (\n\n) to join context chunks. It lacks robust delimiters (like XML tags) or explicit instructions to the model to ignore any instructions found within the retrieved text.
  • Capability inventory: The skill uses the openai and pinecone libraries to perform search, upsert, and chat completion operations across all provided code snippets.
  • Sanitization: There is no evidence of sanitization, escaping, or validation of the retrieved document content before it is interpolated into the system prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 19, 2026, 04:19 AM
Security Audit — agent-trust-hub — pinecone-rag