Pinecone
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its Pinecone integration purpose, but it gives the agent broad authenticated API/proxy power that could modify or delete Pinecone data without clear guardrails.
Install only if you trust Membrane and need agent access to Pinecone. Use least-privileged Pinecone credentials, prefer discovered named actions over raw proxy calls, and require explicit confirmation before any operation that creates, updates, or deletes indexes or vectors.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent chooses the wrong endpoint or method, it could change or delete Pinecone indexes, vectors, or other account data.
The skill documents a raw authenticated proxy to the Pinecone API with destructive HTTP methods available, without visible limits on endpoints, resources, or confirmation for mutations.
membrane request CONNECTION_ID /path/to/endpoint ... HTTP method (GET, POST, PUT, PATCH, DELETE)
Use named Membrane actions first, require explicit user confirmation before POST/PUT/PATCH/DELETE requests, and limit the connection to the least-privileged Pinecone scope available.
Connecting the account lets the agent operate with the privileges granted to the Membrane/Pinecone connection.
The integration relies on delegated credentials managed through Membrane, which is expected for this purpose but gives the skill access to authenticated Pinecone operations.
Membrane handles authentication and credentials refresh automatically
Review the requested Pinecone permissions, use a limited API key or role where possible, and revoke the Membrane connection when no longer needed.
The installed CLI code may differ over time from what was available when this skill was published.
The setup uses a globally installed npm package at the latest version; this is user-directed and purpose-aligned, but the exact reviewed version is not pinned in the artifact.
npm install -g @membranehq/cli@latest
Install the CLI only from the official npm package, consider pinning a version, and keep it updated through trusted channels.
Pinecone request data and responses may pass through Membrane infrastructure while using the integration.
API requests and authentication are brokered through Membrane as a gateway. This is disclosed and purpose-aligned, but the artifact does not detail Membrane's data retention or inspection boundaries.
send requests directly to the Pinecone API through Membrane's proxy ... injects the correct authentication headers
Use this only if you trust Membrane with the Pinecone operations involved, and avoid sending unnecessary sensitive payloads through the proxy.