finding-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches and returns other agents' details and optionally their memory blocks (via the --include-blocks option and the "Returns the raw API response with full agent details" output, and by using letta messages search --all-agents), which exposes the agent to untrusted user-generated content from other agents on the server that could contain embedded instructions.