Security audit

Tailscale VPN

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Tailscale setup guide with expected VPN installation and networking commands, not a hidden or deceptive skill.

Before installing, verify you are using official Tailscale sources and prefer a trusted package manager when available. Understand that Tailscale changes system networking, may require administrator privileges, runs a background service, and options like subnet routes, sharing, and exit nodes can expose or route network access if configured too broadly.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 78% confidence
Finding: The document includes installation and service-start commands that modify the host system and establish network connectivity, but it does not warn users about privilege use, package trust, or the effect of joining a tailnet. In an agent skill context, operational commands without explicit safety guidance can lead users to run impactful actions they do not fully understand.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.