tailscale-install

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's headless-install instructions explicitly require placing a generated auth key into a command-line flag (sudo tailscale up --authkey=tskey-auth-), which involves embedding a secret verbatim into the agent's output/commands.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes a runtime one-liner that fetches and executes remote code — "curl -fsSL https://tailscale.com/install.sh | sh" — so the URL https://tailscale.com/install.sh directly controls execution during the skill's runtime.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs installing software (including curl | sh), enabling and starting system services, and running multiple sudo commands (e.g., systemctl enable --now tailscaled, sudo tailscale up), which modify system files, services, and network state and therefore pushes privileged/state-changing actions on the host.