Tailscale Network Orchestrator

Security checks across malware telemetry and agentic risk

Overview

This skill is a read-only Tailscale status helper that exposes expected tailnet device details but shows no hidden, destructive, or persistent behavior.

Install this only if you are comfortable letting the agent show Tailscale device names, Tailscale IP addresses, and online status in chat or logs. Treat future versions differently if they add commands that change network settings, expose services, share devices, or approve access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger phrase "manage tailscale" is broad and action-oriented, which increases the chance of accidental or ambiguous activation. In the context of a skill that can query and potentially manage a network overlay, unintended invocation could expose network status or perform administrative actions without the user clearly intending that specific skill.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal