sales-deal-room

SUSPICIOUS: The core deal-room guidance is aligned with its sales purpose, and the Qwilr token is used against Qwilr's official API. However, the skill expands into webhook analytics that route buyer-engagement data to an arbitrary external endpoint, includes a self-modifying file-write pattern, and instructs transitive installation of another skill from an unverified repo/org. These issues are not fundamentally malicious, but they make the skill broader and riskier than a simple documentation/design skill.