copy-command

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill scans and reads plugin command markdown files from the Product Forge cache (~/.claude/plugins/cache/product-forge-marketplace//commands/.md), which are third‑party/user-contributed files that contain execution instructions that the agent reads/copies into its configuration and can therefore influence later agent behavior.