OpenClaw Tailscale Remote Access

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill coherently sets up Tailscale remote access, but its inspector can print OpenClaw configuration and pairing files unredacted, potentially exposing access tokens in agent logs.

Install only if you want an agent to change OpenClaw and Tailscale remote-access settings. Before running the inspector, be aware it may print secrets from ~/.openclaw/openclaw.json; redact tokens, confirm you are not connected through Tailscale SSH, check existing Tailscale Serve mappings, and rotate the gateway token if it is exposed.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your OpenClaw gateway token or pairing details could be exposed to the agent or saved in logs while troubleshooting.

Why it was flagged

The inspector prints the OpenClaw config and pending pairing file to stdout without redaction. Since this skill stores gateway auth settings in that config, secrets can enter the agent transcript, terminal logs, or other retained context.

Skill content

sed -n '1,220p' "$CONFIG_PATH"
...
cat "$HOME/.openclaw/devices/pending.json"

Recommendation

Redact sensitive fields before printing configuration files, inspect only specific non-secret settings, and ask the user before displaying pairing or auth files.

What this means

Anyone who obtains the configured token and has suitable network reachability may be able to access the OpenClaw gateway.

Why it was flagged

The script intentionally writes a user-provided gateway token and enables Tailscale-based access. This is aligned with the remote-access purpose, but it is credential-bearing authority.

Skill content

auth["mode"] = "token"
auth["token"] = args.token
auth["allowTailscale"] = True

Recommendation

Use a fresh, least-privilege token if available, protect file permissions on the OpenClaw config, and rotate the token if it was displayed or logged.

What this means

Running the commands on the wrong session or host could disrupt existing Tailscale/OpenClaw access or replace other Serve configuration.

Why it was flagged

The workflow restarts a user service, changes Tailscale state, and provides an optional reset path for Tailscale Serve. These actions are disclosed and purpose-aligned, but they can affect connectivity and existing Serve mappings.

Skill content

systemctl --user restart openclaw-gateway
...
tailscale up --accept-dns=false --accept-routes=false --ssh=false
...
bash "$SKILL_DIR/scripts/configure_tailscale_serve.sh" --reset-first --port "$GATEWAY_PORT"

Recommendation

Run only from a non-Tailscale recovery path as documented, review existing Tailscale Serve configuration first, and avoid the reset option unless you intend to replace current Serve handlers.