I thought this was only a risk if using an improper client? So if I were to use a bitcoin cash wallet to send bitcoin cash, it should not send bitcoin gold by mistake, right (even if replay protection was not active)? And vice-versa.
It doesn't work that way. The whole point of a replay attack is that the same transaction is valid on two or more forks. Even if you were to use a "correct" client to send the Bitcoin Cash, the transaction may be valid on another fork. Anyone can then take the transaction and broadcast it on other forks. The recipients would be receiving more than one coin.
As someone else mentioned, what about the risk that one of the forks will steal coins on the other fork? In my mind, the best procedure would have been to move coins to a new address before each fork. So if BTC were sent to a new address prior to the BCH fork, and then the BTC was sent to another new address before the BCG fork, without actually claiming any coins for either BCH or BTG.
You can't steal coins on another fork, and if you can do that, no one should be supporting that chain. If you're talking about the risk of clients stealing the coins, then yeah, its a prevalent risk.