Skip to content

sync: skills update from pinecone-io/skills#15

Merged
arjunpatel7 merged 10 commits intomainfrom
sync/skills-22505611177
Mar 4, 2026
Merged

sync: skills update from pinecone-io/skills#15
arjunpatel7 merged 10 commits intomainfrom
sync/skills-22505611177

Conversation

@arjunpatel7
Copy link
Collaborator

@arjunpatel7 arjunpatel7 commented Feb 27, 2026

Automated skill sync from pinecone-io/skills — run #3.

Changed files:

skills/pinecone-assistant/SKILL.md skills/pinecone-assistant/references/chat.md skills/pinecone-assistant/references/create.md skills/pinecone-assistant/references/upload.md skills/pinecone-help/SKILL.md skills/pinecone-query/SKILL.md skills/pinecone-quickstart/SKILL.md

The contextualization workflow will run automatically on this branch to adapt these skills for this IDE. Review both the raw sync and Claude's adaptations before merging.

@github-actions @claude
contextualize: adapt synced skills for this plugin
7e9fdf0 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions
Copy link
Contributor

github-actions bot commented Feb 27, 2026

Contextualization summary

Changes made and why

skills/pinecone-assistant/SKILL.md

  • Renamed name: pinecone-assistantname: pinecone:assistant (Claude Code colon-namespace convention)
  • Added allowed-tools: Bash, Read (skill runs uv scripts via Bash and reads reference files)
  • Updated "ask the user to clarify" → "use AskUserQuestion to clarify" in Conversation Memory section
  • Condensed .env fallback in Prerequisites to a one-liner note (Claude Code inherits shell env)

skills/pinecone-help/SKILL.md

  • Renamed name: pinecone-helpname: pinecone:help
  • Added allowed-tools: Skill, Bash, Read (help skill may invoke other skills)
  • Updated all skill name references in the Available Skills table and "Which skill should I use?" section (pinecone-*pinecone:*)
  • Replaced .env fallback note with a Claude Code–specific note: "Claude Code inherits your shell environment, so the export above is sufficient"

skills/pinecone-query/SKILL.md

  • Renamed name: pinecone-queryname: pinecone:query
  • Added allowed-tools: Bash, Read
  • Updated pinecone-helppinecone:help cross-reference
  • Updated two "ask the user to choose/pick" instructions → AskUserQuestion
  • Updated "Ask the user interactively to clarify" → "Use AskUserQuestion to clarify" in Tools Reference
  • Condensed .env troubleshooting to a single export command

skills/pinecone-quickstart/SKILL.md

  • Renamed name: pinecone-quickstartname: pinecone:quickstart
  • Added allowed-tools: Skill(pinecone:assistant *), Bash, Read (Path B explicitly invokes the assistant skill)
  • Updated all pinecone-assistantpinecone:assistant references in Path B
  • Updated five "Ask the user..." prompts → AskUserQuestion (path selection, query exploration, reranking, wrap-up, and document availability)
  • Condensed all .env references: removed duplicate upsert command, simplified Prerequisites and Troubleshooting sections

skills/pinecone-assistant/references/create.md

  • Updated steps 2–3: "Ask the user about region preference" / "Ask if user wants custom instructions" → AskUserQuestion
  • Condensed PINECONE_API_KEY not set troubleshooting: removed .env fallback

skills/pinecone-assistant/references/chat.md

  • Updated step 1: "ask the user to select" → "use AskUserQuestion to let the user select"
  • Condensed PINECONE_API_KEY not set troubleshooting: removed .env fallback

skills/pinecone-assistant/references/upload.md

  • Updated step 1: "prompt for selection" → "use AskUserQuestion for selection"
  • Updated step 4: "Confirm with the user" → "Use AskUserQuestion to confirm with the user"

What was intentionally left unchanged

  • All skill directory names (only name frontmatter and content references were updated, per CLAUDE.md)
  • All script paths, command examples, and logic
  • All external URLs and documentation links
  • Content, meaning, and structure of every skill — no rewrites
  • .env references were retained as one-liner notes where the base skill mentioned them (not fully removed), since scripts can still be run with --env-file if needed

Recommendations for manual review

⚠️ Potential duplicate: skills/assistant/SKILL.md

The existing skills/assistant/ directory contains a skill with name: pinecone-assistant (still using the old hyphenated name). The newly added skills/pinecone-assistant/SKILL.md now registers as pinecone:assistant and covers the same operations — but with a leaner reference-doc structure and packaged scripts instead of inline SDK examples.

These two skills describe overlapping functionality. The reviewer should consider:

  • Whether skills/assistant/ should be removed or archived now that skills/pinecone-assistant/ is present
  • If keeping both, whether skills/assistant/SKILL.md should be renamed to pinecone:assistant-legacy or similar to avoid confusion
  • Note: skills/assistant/SKILL.md also has sub-skill references using Skill(assistant *) — those would need updating if the skill is kept

⚠️ pinecone-help references skills that don't exist yet

skills/pinecone-help/SKILL.md references pinecone:cli, pinecone:mcp, and pinecone:docs in its Available Skills table. These skills do not appear to exist in this plugin yet. The reviewer may want to either add stub skills for these or adjust the help text to note which ones are available.

github-actions bot and others added 3 commits February 27, 2026 22:11
@github-actions
chore: add test marketplace for branch testing
c34ed3a
@arjunpatel7 @claude
refactor: consolidate skills, remove redundant commands, add cli/mcp/…
5efab81 
…docs skills

- Move scripts from skills/assistant/ to skills/pinecone-assistant/scripts/
- Delete old skills/assistant/ (superseded by skills/pinecone-assistant/)
- Delete 9 redundant commands now covered by skills (keep join-discord.md)
- Add and contextualize pinecone:cli, pinecone:mcp, pinecone:docs skills

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions @claude
contextualize: adapt synced skills for this plugin
3a6fb45 
Update stale slash command references in pinecone-assistant scripts.
Old commands (assistant-chat, assistant-upload, etc.) were deleted in
the refactor commit; replace with unified /pinecone:assistant references.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions
Copy link
Contributor

github-actions bot commented Mar 2, 2026

Contextualization Summary

What was changed and why

skills/pinecone-assistant/scripts/create.py

  • Replaced 3 stale slash command references (/pinecone:assistant-upload, /pinecone:assistant-chat, /pinecone:assistant-context) in the "Next steps" output panel with references to the unified /pinecone:assistant skill. Those sub-commands were deleted in the refactor commit (5efab81).

skills/pinecone-assistant/scripts/context.py

  • Replaced 2 stale references (/pinecone:assistant-chat, /pinecone:assistant-upload) in the "Next steps" panel with /pinecone:assistant.
  • Replaced 1 stale reference in the AttributeError fallback message with /pinecone:assistant.

skills/pinecone-assistant/scripts/upload.py

  • Replaced 2 stale references (/pinecone:assistant-chat, /pinecone:assistant-context) in the "Next steps" panel with /pinecone:assistant.

skills/pinecone-assistant/scripts/list.py

  • Replaced 5 stale references (/pinecone:assistant-create, /pinecone:assistant-list, /pinecone:assistant-chat, /pinecone:assistant-upload, /pinecone:assistant-context) in the "no assistants" prompt and "Available Commands" panel with /pinecone:assistant.

What was intentionally left unchanged

  • All SKILL.md files — already contextualized correctly by prior commits (7e9fdf0 and 5efab81): name fields use pinecone: prefix, allowed-tools frontmatter is present, env var .env fallback in pinecone-assistant/SKILL.md is already condensed to a parenthetical one-liner.
  • Reference files (references/*.md) — no convention changes needed; they already use AskUserQuestion and don't reference deleted commands.
  • Script logic — only user-facing output strings were changed; no functional behavior modified.

Recommendations for the reviewer

  • Redundancy check: The commands/ directory was already cleaned up in commit 5efab81 (deleted assistant-chat.md, assistant-upload.md, help.md, query.md, quickstart.md, etc.). If there are any remaining commands/*.md files beyond join-discord.md, review whether they duplicate the new skills.
  • skills/assistant/ removal: The old skills/assistant/SKILL.md (with name: pinecone-assistant and allowed-tools: Skill(assistant *)) was deleted in 5efab81. If any external references still point to pinecone-assistant (hyphenated) rather than pinecone:assistant (colon), those would need updating.
  • .env fallback in pinecone-assistant/SKILL.md line 77: currently reads (or use a .envfile withuv run --env-file .env) — this is at the minimum "one-liner" level per CLAUDE.md. Consider removing it entirely since Claude Code users inherit shell env, but it is not blocking.

arjunpatel7 and others added 4 commits March 2, 2026 16:17
@arjunpatel7 @claude
fix: repair broken triple-quoted strings in assistant scripts
91ae45b 
The contextualization bot's second run removed closing triple-quotes
from f-strings in create.py and list.py, causing SyntaxErrors.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@arjunpatel7 @claude
fix: quickstart prereq uses MCP list-indexes instead of echo, add mis…
613da4e 
…sing scripts

Validate API key by calling list-indexes via Pinecone MCP rather than
echoing the env var. Also adds the upsert.py and quickstart_complete.py
scripts that SKILL.md references but were never committed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@arjunpatel7 @claude
refactor: rename skill directories to remove pinecone- prefix
851af7c 
The plugin already namespaces skills with `pinecone:`, so directory
names like `pinecone-assistant/` caused double-pinecone confusion
(e.g. Claude trying `pinecone:pinecone-assistant`). Renamed all 7
skill dirs to just `assistant/`, `cli/`, `docs/`, `help/`, `mcp/`,
`query/`, `quickstart/`.

Also updates CLAUDE.md conventions, README (consolidates outdated
assistant sub-commands into single skill listing, adds cli/mcp/docs),
and adds __pycache__ + test files to .gitignore.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@arjunpatel7 @claude
fix: improve release and contextualize workflows
db9079f 
Release workflow:
- Trigger on all merged PRs to main (not just sync/skills-*)
- Auto-generate CHANGELOG.md entry from PR title/summary

Contextualize workflow:
- Skip re-runs when last commit is from github-actions[bot]
- Restrict Claude to .md files only (don't touch .py scripts)
- Add directory rename step (strip pinecone- prefix per CLAUDE.md)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@arjunpatel7 arjunpatel7 self-assigned this Mar 4, 2026
@arjunpatel7 arjunpatel7 added the bump:minor Label for release automation when minor changes are made label Mar 4, 2026
@arjunpatel7 @claude
fix: generate changelog from commit messages instead of PR body
969bf3c 
No longer requires manually editing PR description before merging.
Changelog entries are auto-generated from PR commit messages, filtering
out chore and automation commits.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 4, 2026
View reviewed changes
.github/workflows/release.yml
BULLETS=$(gh pr view "$PR_NUMBER" --json commits --jq '.commits[].messageHeadline' | grep -v '^chore:' | grep -v '^\[create-pull-request\]' | sed 's/^/- /')

if [ -z "$BULLETS" ]; then
BULLETS="- ${{ github.event.pull_request.title }}"

Check warning

Code scanning / CodeQL

Code injection Medium

Potential code injection in
${ github.event.pull_request.title }
Loading
, which may be controlled by an external user.

Copilot Autofix

AI 13 days ago

In general, to fix code injection in GitHub Actions run: blocks, avoid embedding untrusted ${{ ... }} expressions directly into the shell script. Instead, pass such values via env: (or with: for actions) and then read them using the shell’s native variable expansion ($VAR). This ensures the runner only substitutes the environment value once and the shell interprets it as data, not as part of the script structure.

Here, the risky usage is in the Update changelog step:

68:           if [ -z "$BULLETS" ]; then
69:             BULLETS="- ${{ github.event.pull_request.title }}"
70:           fi

We should add an environment variable, e.g. PR_TITLE: ${{ github.event.pull_request.title }}, in the same step’s env: section, and replace the direct expression in the script with $PR_TITLE using shell syntax. That yields:

env:
  NEW_VERSION: ${{ steps.version.outputs.new_version }}
  PR_NUMBER: ${{ github.event.pull_request.number }}
  PR_TITLE: ${{ github.event.pull_request.title }}
  GH_TOKEN: ${{ github.token }}
run: |
  ...
  if [ -z "$BULLETS" ]; then
    BULLETS="- $PR_TITLE"
  fi

This preserves all existing behavior (still uses the PR title as a fallback bullet) while eliminating the injection risk, because any metacharacters in $PR_TITLE are interpreted as content of the double-quoted string on assignment, not as part of the shell script itself. No additional methods or new imports are needed; only the env: mapping and the BULLETS assignment line must be changed, all within .github/workflows/release.yml in the shown step.

Suggested changeset 1
.github/workflows/release.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -57,6 +57,7 @@
         env:
           NEW_VERSION: ${{ steps.version.outputs.new_version }}
           PR_NUMBER: ${{ github.event.pull_request.number }}
+          PR_TITLE: ${{ github.event.pull_request.title }}
           GH_TOKEN: ${{ github.token }}
         run: |
           DATE=$(date +%Y-%m-%d)
@@ -66,7 +67,7 @@
           BULLETS=$(gh pr view "$PR_NUMBER" --json commits --jq '.commits[].messageHeadline' | grep -v '^chore:' | grep -v '^\[create-pull-request\]' | sed 's/^/- /')
 
           if [ -z "$BULLETS" ]; then
-            BULLETS="- ${{ github.event.pull_request.title }}"
+            BULLETS="- $PR_TITLE"
           fi
 
           # Build the new changelog entry
@@ -78,7 +79,6 @@
           else
             # No header found — prepend entry to file
             printf '%s\n\n%s' "$ENTRY" "$(cat CHANGELOG.md)" > CHANGELOG.md
-          fi
 
       - name: Commit and tag
         run: |
EOF
@@ -57,6 +57,7 @@
env:
NEW_VERSION: ${{ steps.version.outputs.new_version }}
PR_NUMBER: ${{ github.event.pull_request.number }}
PR_TITLE: ${{ github.event.pull_request.title }}
GH_TOKEN: ${{ github.token }}
run: |
DATE=$(date +%Y-%m-%d)
@@ -66,7 +67,7 @@
BULLETS=$(gh pr view "$PR_NUMBER" --json commits --jq '.commits[].messageHeadline' | grep -v '^chore:' | grep -v '^\[create-pull-request\]' | sed 's/^/- /')

if [ -z "$BULLETS" ]; then
BULLETS="- ${{ github.event.pull_request.title }}"
BULLETS="- $PR_TITLE"
fi

# Build the new changelog entry
@@ -78,7 +79,6 @@
else
# No header found — prepend entry to file
printf '%s\n\n%s' "$ENTRY" "$(cat CHANGELOG.md)" > CHANGELOG.md
fi

- name: Commit and tag
run: |
Copilot is powered by AI and may make mistakes. Always verify output.
@arjunpatel7 arjunpatel7 merged commit 92eceac into main Mar 4, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@arjunpatel7 arjunpatel7

Labels

bump:minor Label for release automation when minor changes are made skill-sync

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arjunpatel7