tailscale
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructs the agent on how to use `tailscale ssh`, which grants the capability to execute commands on remote hosts. This is a high-risk capability that could be abused to spread malicious instructions across a private network.
- [DATA_EXFILTRATION] (HIGH): The inclusion of `tailscale file cp` and `tailscale file get` provides the agent with a direct mechanism to transfer files out of the local environment. Additionally, the `tailscale funnel` command allows the agent to expose local ports (and the services running on them) to the public internet, posing a severe risk of data exposure.
- [INDIRECT_PROMPT_INJECTION] (HIGH): Category 8 analysis reveals a high vulnerability tier. The skill provides powerful write and execute capabilities (SSH, Funnel, File transfer) that can be triggered if the agent processes untrusted external data (e.g., instructions from a malicious email or web page) telling it to 'tunnel port 8080' or 'send secrets to hostname'. There are no boundary markers or sanitization steps defined in the skill to prevent such misuse.
- [PRIVILEGE_ESCALATION] (LOW): Commands like `tailscale up` and `tailscale set` often require administrative/root privileges on most operating systems, which may lead to the agent attempting to escalate privileges to perform network configuration.
Recommendations
- AI detected serious security threats
Audit Metadata