hivo-salon

SUSPICIOUS. The skill’s functionality is broadly aligned with salon collaboration, but it delegates all privileged actions and token handling to an unverifiable `hivo` CLI with no documented install provenance or public release trail in the evidence provided. No clear malicious exfiltration is shown, yet the black-box executable and cross-skill dependency make the overall security risk high.