sales-third-party

SUSPICIOUS: the skill is mainly a broker for installing many third-party skills, creating a significant transitive trust and supply-chain risk. The install path appears to be the official skills.sh workflow, which lowers malware confidence, but the unpinned remote installs and inherited permissions make this high-risk for an agent environment.