hivo-club

SUSPICIOUS. The skill’s capabilities generally match its stated purpose, but trust is weakened by reliance on an undocumented `hivo` CLI and opaque token handling. There is no clear evidence of credential theft or exfiltration in this file, yet the unverifiable executable dependency and hidden auth flow make the overall security risk high.