pinecone-n8n

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads arbitrary file URLs via the "Download file" HTTP Request node (set from "Set file urls") and ingests them into the Pinecone Assistant / Vector Store (see Upload file to Assistant and Pinecone Vector Store ingestion and getContextSnippets), meaning untrusted public/user-provided content is read and then used by the AI Agent and tools to influence actions and responses.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes HTTP Request nodes that fetch arbitrary external files at runtime via the url expression "={{ $json.urls }}" (e.g., user-provided file URLs) and then uploads that fetched content into the Pinecone Assistant / Vector Store where it can be retrieved and directly influence the agent's prompts and responses.