letta-configuration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples and commands that embed API keys (e.g., sk-... in CLI args, curl JSON bodies, and code with api_key="..."), which instructs placing secret values verbatim into generated commands/configs and thus requires the LLM to handle/output secrets directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs Letta to connect to arbitrary third‑party provider APIs and custom OpenAI‑compatible endpoints (see "Model Discovery" in references/all_providers.md: "Letta automatically discovers available models by querying the provider's API" and custom-endpoints.md which allows arbitrary model_endpoint URLs), meaning the agent will fetch and consume untrusted external model outputs that can affect tool/function-calling and subsequent actions.