copy-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill reads and copies agent markdown files from the Product Forge plugins cache (~/.claude/plugins/cache/product-forge-marketplace//agents/.md), which are third-party/user-provided agent definitions (including autonomous workflow content) that get installed into the user's agent config and could thus enable indirect prompt-injection.