Scan Report
0/100
tailscale-manager
Manage Tailscale tailnet from chat. Check status, list devices, ping hosts, run network diagnostics, check serve/funnel config.
Legitimate read-only Tailscale network manager with a clean command whitelist, public IP masking, and no undeclared capabilities.
Safe to install
No action needed. The skill performs exactly as documented with no hidden functionality.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Shell | WRITE | WRITE | ✓ Aligned | subprocess.run(['tailscale'] + args) — declared in SKILL.md for status, ip, ping… |
| Network | READ | READ | ✓ Aligned | Executes tailscale CLI commands for network queries only |
| Filesystem | NONE | NONE | — | No file read/write operations in the code |
| Environment | NONE | NONE | — | No os.environ access |
| Credential | NONE | NONE | — | No credential or token access; explicitly disclaimed in SKILL.md |
File Tree
2 files · 7.5 KB · 240 lines (Python: 1 file, 196 lines; Markdown: 1 file, 44 lines)
├─ scripts
│  └─ tailscale_ctrl.py (Python)
└─ SKILL.md (Markdown)
Security Positives
✓ Strict command whitelist enforced: only 6 read-only subcommands are routed (status, ip, ping, netcheck, whois, serve-status)
✓ WRITE_COMMANDS set defined but never wired into dispatch — write operations are structurally impossible
✓ Public IP masking via regex covering all non-private ranges
✓ JSON parsing extracts only safe, non-sensitive fields (DNSName, Online, TailscaleIPs, OS)
✓ Subprocess timeout (15s default, 20s for ping, 30s for netcheck) prevents indefinite hanging
✓ SKILL.md accurately reflects all behavior — no doc-to-code mismatch
✓ No external network connections beyond tailscale CLI invocations
✓ No credential harvesting, no environment variable scanning, no sensitive file access