Back to skill

Security audit

Tailscale Serve

Security checks across malware telemetry and agentic risk

Overview

This is a simple Tailscale Serve guide; it can expose user-selected local files or services to a Tailscale network, but that behavior is central to the skill and is not hidden.

Install only if you want help managing Tailscale Serve. Before running examples, check `tailscale serve status`, serve only narrow non-sensitive files, folders, or ports, avoid broad personal directories and unauthenticated admin/dev endpoints, and remember that background serve routes remain active until turned off or reset.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to expose local directories, files, and localhost-backed services via `tailscale serve` but does not clearly warn that this publishes local resources onto the Tailscale network. That omission can cause accidental exposure of sensitive files, internal APIs, or development services that were assumed to be local-only, especially because the examples normalize serving arbitrary paths and localhost ports.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The skill presents `tailscale serve reset` as a troubleshooting step without a prominent warning that it clears all existing serve configuration. A user following the example could unintentionally remove previously configured paths or services, causing unexpected exposure changes or service disruption.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.