letta-fleet-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports loading prompts, memory blocks, tools and folder content from Supabase buckets via "from_bucket" and connects to external MCP server URLs (mcp_servers.url), meaning the agent will ingest and interpret third‑party/untrusted content from external storage/endpoints.