letta-api-client

High-risk capability. This module enables arbitrary shell command execution on the local host driven by untrusted agent/tool-call arguments, using execSync with no sanitization/allowlisting or real local policy enforcement. It also returns stdout/stderr back to the remote agent service and logs outputs, creating both remote command execution and local data exposure/exfiltration risk. Suitable only for tightly controlled, trusted environments with strong upstream validation and strict human/system approval outside this code.