sales-proposal-analytics

SUSPICIOUS: the core analytics and Qwilr API usage are broadly aligned with the stated sales purpose and use official Qwilr endpoints, so there is no strong evidence of credential theft or malicious exfiltration. The main risk comes from the transitive `npx skills add` installation instruction to an unverified skill target, plus arbitrary webhook forwarding to user-chosen endpoints and minor persistent file writes. Overall this looks like a mostly legitimate sales skill with moderate trust-chain risk rather than malware.