tunnel-doctor
Fail
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes a file '.security-scan-passed' which contains claims about its own safety and scan results, appearing as a self-referential pattern intended to influence analysis.
- [REMOTE_CODE_EXECUTION]: The skill instructions involve fetching and executing the official Tailscale installation script directly from its verified domain (tailscale.com) using a piped-to-shell command.
- [COMMAND_EXECUTION]: The skill executes system utilities including scutil, route, netstat, ifconfig, curl, ssh, and pkill to inspect and manage network configurations.
- [COMMAND_EXECUTION]: An inline Python command is used to dynamically update the OrbStack configuration file at a local system path.
- [EXTERNAL_DOWNLOADS]: The skill downloads networking software components from the official Tailscale service provider's website.
Recommendations
- HIGH: Downloads and executes remote code from: https://tailscale.com/install.sh - DO NOT USE without thorough review
Audit Metadata