tailscale

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). Flagged because the workflow explicitly runs curl -fsSL https://tailscale.com/install.sh | sh, which fetches and executes remote code at runtime and is presented as the required install step for onboarding new servers.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs the agent to run local CLI and API operations that change machine and tailnet state (tailscale up/down, enable SSH, serve/funnel, create/revoke auth keys, authorize/delete devices), which modify network/services and can expose or alter the host even though it doesn't explicitly ask for sudo or user creation.