Tailscale Serve

Pass

Audited by ClawScan on May 1, 2026.

Overview

This instruction-only skill is coherent for managing Tailscale Serve, but it can expose local files or ports and keep them running in the background, so users should choose sources carefully.

Install only if you intend the agent to help manage Tailscale Serve. Before running commands, confirm the exact local path or port, avoid broad sensitive folders like all documents unless intended, check `tailscale serve status`, and remove or reset routes when finished.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a broad or sensitive path is selected, local files or a local service may become reachable to the intended Tailscale audience.

Why it was flagged

The skill documents commands that can serve local folders and local web services through Tailscale. This is central to the skill's purpose, but users should notice the data/service exposure impact.

Skill content

tailscale serve --bg --set-path /docs ~/documents
tailscale serve --bg --set-path /app http://localhost:3000

Recommendation

Confirm the exact folder, file, or port before serving it, prefer narrow paths, and run status checks before and after changes.

What this means

Served content can remain available until the user removes that path or resets Tailscale Serve.

Why it was flagged

The instructions deliberately use background mode, meaning served content may continue to be available after the initial command. This is disclosed and purpose-aligned.

Skill content

**Background mode:** Use `--bg` to keep it running

Recommendation

Use `tailscale serve status` to review active routes and turn off or reset routes when they are no longer needed.

What this means

The user's Tailscale machine identity and access settings determine who can reach the served content.

Why it was flagged

The served content is tied to the user's Tailscale hostname and access context. This is expected for Tailscale Serve, but it means the skill operates within the user's existing Tailscale authority.

Skill content

Share the full URL: `https://[hostname].ts.net/your-path`

Recommendation

Verify Tailscale access controls and only share URLs with intended recipients.

What this means

Users need to rely on their own installed Tailscale CLI and cannot verify much about the skill source from the provided metadata.

Why it was flagged

The skill is instruction-only and has no install code, but its provenance is limited and the metadata does not declare the Tailscale CLI dependency used throughout SKILL.md.

Skill content

Source: unknown; Homepage: none; Required binaries (all must exist): none

Recommendation

Use only a trusted local Tailscale installation and confirm the commands match expected Tailscale Serve behavior before use.