gang

SUSPICIOUS: the skill’s stated purpose matches its behavior, but its actual footprint depends almost entirely on an external `hive` CLI installed from an unpinned personal GitHub repo, and that CLI then performs broader orchestration and downstream skill handoff. This is not enough to call malicious, but the install trust and delegated control make it medium risk.