Pinecone
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used incorrectly, the agent could make broad Pinecone API calls that modify or delete indexes, vectors, or other account data.
The skill documents a raw authenticated API proxy with arbitrary paths and mutation/delete methods. That can bypass safer pre-built actions and is not paired with clear approval or scoping instructions for destructive Pinecone operations.
membrane request CONNECTION_ID /path/to/endpoint ... HTTP method (GET, POST, PUT, PATCH, DELETE)
Prefer scoped Membrane actions, and require explicit user confirmation before any create, update, delete, or bulk operation. Limit raw proxy use to clearly specified endpoints and inputs.
Membrane will be able to act on the connected Pinecone account according to the granted permissions.
The skill requires the user to authenticate with Membrane and connect Pinecone, giving Membrane delegated access and credential refresh authority. This is purpose-aligned but security-relevant.
membrane login --tenant ... Membrane handles authentication and credentials refresh automatically
Use a trusted Membrane account, grant the narrowest Pinecone permissions available, and revoke the connection when it is no longer needed.
The behavior of the integration depends on the Membrane CLI package installed from npm.
The setup relies on installing or running an external npm package, including an @latest invocation. This is user-directed and purpose-aligned, but it depends on external package provenance.
npm install -g @membranehq/cli ... npx @membranehq/cli@latest
Install the CLI from the official package source, consider pinning a known version, and avoid running it from untrusted environments.
Pinecone request paths, parameters, and possibly data payloads may pass through Membrane rather than going directly from the user to Pinecone.
Pinecone API requests and credentials are mediated by Membrane as a gateway. This is disclosed and expected, but users should understand the third-party data and credential boundary.
send requests directly to the Pinecone API through Membrane's proxy ... Membrane manages the full Auth lifecycle server-side
Review Membrane's security and privacy terms before sending sensitive vector data or metadata through the proxy.
