copy-skill
Warn
Audited by Snyk on Mar 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill scans and reads SKILL.md frontmatter and copies entire skill directories from the Product Forge marketplace cache (~/.claude/plugins/cache/product-forge-marketplace/*/skills/). These are third-party, untrusted plugin files (including scripts and skill definitions) that could be introduced into the agent's configuration and thereby enable indirect prompt injection.