Enterprise Account Executive

Weaviate launches Agent Skills to empower AI coding agents. The new open-source repository delivers structured skills, slash commands, and production-ready cookbooks to reduce AI coding errors and speed up weaviate-based application development. February 21, 2026 13:22 ET | Source: Weaviate Amsterdam, Netherlands, Feb. 21, 2026 (GLOBE NEWSWIRE) - February 20, 2026 - Weaviate, the leading open-source AI database, today announced the launch of Weaviate Agent Skills, an innovative open-source repository that equips popular coding agents like Claude Code, Cursor, GitHub Copilot, VS Code, and Gemini CLI with precise tools for generating production-ready code targeting Weaviate workflows. This release builds directly on Weaviate's Query Agent, first previewed in March 2025 and reaching general availability in September 2025. The Query Agent supports natural language queries across multiple collections, featuring multi-collection routing, intelligent query expansion, decomposition for complex questions, user-defined filters, and reranking for optimal results. Developers can test Agent Skills immediately using Weaviate Cloud's free Sandbox clusters - small instances designed for experimentation that last 14 days and can be extended or upgraded to production Shared Cloud setups. Comprehensive Repository Tools The repository at github.com/weaviate/agent-skills is structured into two core sections, providing full lifecycle support from basic operations to complete applications. Weaviate Skills in the /skills/weaviate directory offer granular scripts for key tasks. These cover cluster management such as schema inspection, collection creation, and metadata retrieval; data lifecycle operations including imports from CSV, JSON, or JSONL files plus example data generation; agentic search powered by Query Agent; and advanced retrieval options like hybrid search (blending semantic and keyword with alpha parameters), pure semantic, or keyword modes. Cookbooks in the /skills/weaviate-cookbooks folder provide end-to-end blueprints for production apps. Highlights include Query Agent chatbots built with FastAPI backends and Next.js frontends; multimodal PDF RAG pipelines using ModernVBERT for multivector embeddings alongside Ollama or Qwen3-VL for generation; basic, advanced, and agentic RAG implementations with decomposition and reranking; and DSPy-optimized agents incorporating custom tools and persistent memory. Six Streamlined Slash Commands Agent Skills introduces six intuitive commands that AI coding agents can auto-discover and execute, streamlining Weaviate interactions: * /weaviate:ask: Delivers AI-generated answers with citations via Query Agent. * /weaviate:collections: Lists all schemas or inspects specific collections. * /weaviate:explore: Shows data metrics, counts, and sample objects. * /weaviate:fetch: Retrieves objects by ID or filters by properties. * /weaviate:query: Performs natural language searches across collections. * /weaviate:search: Executes hybrid, semantic, or keyword searches with parameters like alpha blending. For instance, developers can run "/weaviate:search query 'best laptops' collection 'Products' type 'hybrid' alpha '0.7'" for balanced retrieval or "/weaviate:ask What are vector database benefits?" against a Documentation collection. CEO Bob van Luijt's Vision Bob van Luijt, Co-Founder and CEO of Weaviate - which he launched as an open-source vector search engine in March 2019 - shared launch insights. "Weaviate Agent Skills bridges the gap between high-velocity AI coding and reliable infrastructure, letting developers build sophisticated AI systems without debugging agent hallucinations," van Luijt stated. As a prominent Netherlands-based technology entrepreneur, Van Luijt champions open-source AI tools. He positions Weaviate as a "batteries-included" stack that combines vector search, structured filtering, and agentic capabilities for modern AI applications. Instant Setup for Developers Integration is designed for speed. Install with a single command like npx skills add weaviate/agent-skills or via plugin managers in tools like Claude Code. Configure environment variables using your Weaviate Cloud endpoint and API key from a free Sandbox cluster. Run /weaviate:quickstart for guided setup. This launch aligns with Weaviate's 2025 momentum, including Query Agent GA, enhanced TypeScript/Python SDKs, multi-turn conversations, streaming responses, and new C#/Java clients for broader ecosystem support. Weaviate invites the community to star the repo, submit pull requests for new cookbooks, and participate in discussions on GitHub, the Weaviate Forum, Slack workspace, and X. Strategic Impact on AI Development Agent Skills addresses a critical pain point: AI agents often generate inaccurate or incomplete code for vector databases due to hallucinations or outdated knowledge. By providing verified, modular tools, Weaviate enables faster iteration from prototype to production. Early adopters report 3x reductions in debugging time for RAG pipelines and agentic apps. The repository's modular design also facilitates contributions, with plans for expanded skills covering generative modules, tenancy isolation, and hybrid cloud deployments. About Weaviate Weaviate is an open-source, AI database that handles storage, retrieval, and orchestration for generative AI at scale. Backed by enterprise-grade Weaviate Cloud services, it powers agentic workflows - from simple semantic search to complex multi-agent systems - delivering sub-second latency on billions of objects. Media Contact: Philip Vollet [email protected] +49-160-96488554

Weaviate security release - medium and high severity fixes for CVEs. This week Weaviate has released security patches for Weaviate 1.30.x, 1.31.x, 1.32.x and 1.33.x. These patches contain a fix for two pending CVEs (Weaviate will update this blog once Weaviate has had CVEs reserved), a high severity path traversal vulnerability in its backup modules, and a medium severity path traversal vulnerability in its shard movement module. As per its security policy, Weaviate customers running in Weaviate Cloud, and Marketplace customers on AWS, Azure and GCP have been patched seamlessly. Its Weaviate Enterprise Support customers have received early notification under embargo. Path traversal via backup zipslip (CVE pending). An attacker with access to create objects in Weaviate can use symbolic links, absolute paths or "..." segments to escape the intended restore root for backups, and create or overwrite files at arbitrary paths within Weaviate's privilege scope. The CVSS score for this vulnerability is High (7.2) Impacted versions of Weaviate are <= Weaviate 1.30.19, <= Weaviate 1.31.18, <= Weaviate 1.32.15 and <= Weaviate 1.33.3. Weaviate recommend that impacted customers update their Weaviate installations to fully address the vulnerability. The Backup modules can also be disabled by removing any backup* entries from the "enabled_modules" flag. Path traversal via Shard Movement API (CVE pending). An attacker with access to call the GetFile method can supply a malicious fileName parameter which allows parent-directory traversal sequences (.../.../...) or absolute paths to escape the intended shard root directory. As a result, the attacker can read arbitrary files within Weaviate's privilege scope. The Shard Movement API is disabled by default, and this vulnerability requires that shards are in "Pause file activity" state. The CVSS score for this vulnerability is Medium (4.9) This vulnerability was introduced in Weaviate 1.30. Impacted versions of the product are >= Weaviate 1.30.0 <= Weaviate 1.30.19, <= Weaviate 1.31.18, <= Weaviate 1.32.15 and <= Weaviate 1.33.3. Weaviate recommend that impacted customers update their Weaviate installations to fully address the vulnerability. The Shard movement API can also be explicitly disabled by setting the "REPLICA_MOVEMENT_ENABLED" flag to false. This vulnerability was discovered by soohyun, who notified Weaviate through its Vulnerability Disclosure Program. Reporting security issues. If you think you have found a security vulnerability, please go to its Security Report page to learn how to send Weaviate a report. Weaviate will contact you to acknowledge your report, and advise on next steps. Weaviate ask that researchers do not disclose vulnerabilities publicly until they have been fixed and announced, unless you have received a response from the Weaviate security team that you can do so. Ready to start building? Check out the Quickstart tutorial, or build amazing apps with a free trial of Weaviate Cloud (WCD).