letta-api-client

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly enables and demonstrates a built-in "web_search" tool that agents can attach and invoke (e.g., examples/python/02_create_agent.py and examples/python/05_send_message.py show agents created with tools=["web_search"] and user messages like "Search the web…"), so the agent fetches and interprets open/public web content which could contain untrusted instructions influencing its tool use and behavior.