Tailscale Manager
v1.3.0Manage Tailscale tailnet from chat. Check status, list devices, ping hosts, run network diagnostics, check serve/funnel config. All public IPs are automatica...
⭐ 0· 74·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description, declared dependency (tailscale CLI), and included script align: the script runs read-only Tailscale CLI commands (status, ip, ping, netcheck, whois, serve status). There are no unrelated binaries or credentials requested.
Instruction Scope
SKILL.md claims a command whitelist and IP masking of public addresses. The CLI subparsers restrict available commands to read-only operations. Minor implementation notes: the READ_COMMANDS constant is defined but not programmatically enforced (the argparse subparsers provide the actual restriction). IP masking is applied to the final text output and to the printed JSON string; the internal structured summary returned by get_status_json is not masked until it is serialized and printed. This is coherent for CLI use but means code-level consumers of the raw dict would see unmasked structured fields (Tailscale IPs are kept unmasked by design).
Install Mechanism
No install spec; instruction-only skill that requires the tailscale CLI to be present. There are no downloads or external install URLs in the package.
Credentials
The skill declares no environment variables or credentials. It invokes the tailscale binary, which uses the system's Tailscale daemon and its existing auth state; the script itself does not read config files, tokens, or unrelated secrets.
Persistence & Privilege
always:false and normal user-invocable/autonomous settings. The skill does not request persistent presence, nor does it modify other skills or system-wide settings.
Assessment
This skill appears to do exactly what it says: it runs read-only tailscale CLI commands and masks public IPs in displayed output. Before installing: ensure the host already has the tailscale CLI and that you expect the agent to be able to run that binary. Understand that the script relies on the local Tailscale daemon for state/auth — it does not itself read auth tokens, but the tailscale CLI uses the system's existing credentials. Masking is applied to final printed output (including printed JSON); structured Python objects returned inside the script are not masked until serialized, so avoid programmatic consumption of raw internal data if you need masking guarantees. If you require stronger enforcement, ask the author to (a) remove unused constants (like READ_COMMANDS) or enforce them at runtime, and (b) explicitly document that masking is strictly applied only to printed output.Like a lobster shell, security has layers — review code before you run it.
latestvk97ef1hshhdvwfk1bqmen8a8nd84aang
License
MIT-0
Free to use, modify, and redistribute. No attribution required.