That is a Firefox warning, because your connection to hidden services doesn't involve the SSL protocol, so it thinks the connection is unencrypted, but it is end-to-end encrypted by Tor and Firefox doesn't know that. They should patch Firefox to remove the warning for onion addresses but haven't done it yet. You can ignore/disable the warning for now.