Back to skill
Skillv1.0.0
ClawScan security
Claw Relay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 27, 2026, 2:01 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it documents using Tailscale exit nodes to route an agent's traffic and only requires the tailscale binary and the user to run the documented Tailscale commands.
- Guidance
- This skill is coherent and documents a standard way to route a VPS's traffic through a home IP using Tailscale exit nodes. Before using it, consider: (1) Security/privacy: traffic from your VPS will egress your home network — any malicious or misconfigured agent on the VPS could reach services on your LAN or consume your bandwidth. Only enable an exit node on machines you trust and monitor. (2) Availability: your laptop must stay online; if it sleeps or disconnects the VPS loses internet egress. (3) Provider/ToS: routing traffic this way may violate your cloud provider or ISP terms — check policies. (4) Installation safety: the install step uses a remote install script (official tailscale.com URL); if you prefer, review the script before running it or use platform package managers. (5) If you want to avoid using Tailscale's control plane, consider the documented Headscale option. Also note a minor metadata inconsistency: the registry metadata listed no homepage, but the SKILL.md includes a homepage URL (clawrelay.ai); this is not a functionality problem but worth verifying the skill's source before proceeding.
Review Dimensions
- Purpose & Capability
- okName/description match the instructions: the SKILL.md explains how to advertise and use a Tailscale exit node from a residential machine and how to configure the VPS to use it. Required binary (tailscale) is appropriate and proportional.
- Instruction Scope
- noteInstructions remain within the stated purpose (install Tailscale, advertise/accept exit node, set --exit-node). They instruct the user to run system installer commands and use the Tailscale admin console, which is expected. Minor note: the doc suggests both 'transparent network routing' and an optional per-process proxy approach; that's not harmful but slightly contradictory in phrasing.
- Install Mechanism
- noteThe instructions recommend running the official Tailscale install script (curl -fsSL https://tailscale.com/install.sh | sh). This is a common, documented installation method for Tailscale; it is a remote install-and-execute pattern (higher-risk in general) but uses the vendor's canonical URL.
- Credentials
- okThe skill requests no environment variables, no credentials, and no config paths. That is proportional for a networking/instructions-only skill.
- Persistence & Privilege
- okSkill is instruction-only, has no install-time artifacts, and does not request 'always: true' or system-wide persistent privileges. It does not request to modify other skills or system-wide agent settings.