hokodo

SUSPICIOUS: The skill is mostly coherent as a Membrane-based Hokodo integration, and its CLI install path is from an official registry. The main concern is data-flow integrity: Hokodo access is mediated through Membrane's hosted CLI/proxy service, creating a third-party trust boundary for credentials and API traffic that goes beyond a direct Hokodo integration. Not malicious, but medium risk due to intermediary routing and external service dependence.