fix-demos

SUSPICIOUS. The skill’s capabilities broadly match its stated purpose and the main endpoints are same-org, so this is not strongly indicative of malware. However, it reads raw tokens, ingests untrusted website content, sends company URLs to a third-party API, and can autonomously rewrite/publish demos and update CRM records, making the overall security risk medium.