claude-mem

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md's "Option B: Claude Subconscious" instructs using the Letta cloud (app.letta.com) to run a background agent that watches sessions and returns "whisper" guidance or injected memory blocks (see Option B Setup and the example "[subconscious]" output), so the agent will ingest and act on third-party-produced content from an external, untrusted service.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs installing and running external packages that inject or whisper content into agent sessions (claude-mem from https://github.com/thedotmack/claude-mem and Letta/claude-subconscious via https://github.com/letta-ai/claude-subconscious / https://app.letta.com), so these URLs are runtime dependencies that can directly control prompts and execute code.