tunnel-doctor
Warn
Audited by Snyk on Feb 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill includes a runtime command that downloads and executes a remote install script ("curl -fsSL https://tailscale.com/install.sh | sh"), so https://tailscale.com/install.sh is a runtime external dependency that executes remote code.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs using sudo and changing system-wide configuration (removing/installing packages, modifying routes/proxy configs, persisting env vars), which modifies the machine's state and requires root privileges.
Audit Metadata