← 返回 Skills 市场
Tailscale Manager
作者
LookUpMark
· GitHub ↗
· v1.3.0
· MIT-0
152
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install lookupmark-tailscale-manager
功能描述
Manage Tailscale tailnet from chat. Check status, list devices, ping hosts, run network diagnostics, check serve/funnel config. All public IPs are automatica...
使用说明 (SKILL.md)
Tailscale Manager
Secure Tailscale network management with automatic IP masking.
Usage
python3 scripts/tailscale_ctrl.py status # Network overview
python3 scripts/tailscale_ctrl.py devices # Connected devices
python3 scripts/tailscale_ctrl.py ip # This device's IPs
python3 scripts/tailscale_ctrl.py ping \x3Chost> # Ping a device
python3 scripts/tailscale_ctrl.py netcheck # Network diagnostics
python3 scripts/tailscale_ctrl.py serve-status # Current serve config
python3 scripts/tailscale_ctrl.py whois \x3Cip> # Who is this IP
All commands support --json for structured output.
Security
- Command whitelist: Only safe read-only commands (
status,ip,ping,netcheck,whois,serve-status) - No write access: Cannot modify serve/funnel config, change ACLs, or administer tailnet
- IP masking: Public IPs automatically replaced with
[IP-MASKED] - No auth keys: Never accesses or exposes Tailscale auth keys
- No secrets: Does not read config files or tokens
What's Masked
| Kept | Masked |
|---|---|
| Tailscale IPs (100.x.x.x) | Public IPs |
| DNS names | External IPs |
| Online/offline status | — |
安全使用建议
This skill appears to do exactly what it says: it runs read-only tailscale CLI commands and masks public IPs in displayed output. Before installing: ensure the host already has the tailscale CLI and that you expect the agent to be able to run that binary. Understand that the script relies on the local Tailscale daemon for state/auth — it does not itself read auth tokens, but the tailscale CLI uses the system's existing credentials. Masking is applied to final printed output (including printed JSON); structured Python objects returned inside the script are not masked until serialized, so avoid programmatic consumption of raw internal data if you need masking guarantees. If you require stronger enforcement, ask the author to (a) remove unused constants (like READ_COMMANDS) or enforce them at runtime, and (b) explicitly document that masking is strictly applied only to printed output.
功能分析
Type: OpenClaw Skill
Name: lookupmark-tailscale-manager
Version: 1.3.0
The tailscale-manager skill provides a read-only interface for monitoring Tailscale networks. It implements security best practices including a command whitelist, safe subprocess execution (avoiding shell injection), and automated masking of public IP addresses in the output. No evidence of malicious intent, data exfiltration, or unauthorized access was found in scripts/tailscale_ctrl.py or SKILL.md.
能力评估
Purpose & Capability
Name/description, declared dependency (tailscale CLI), and included script align: the script runs read-only Tailscale CLI commands (status, ip, ping, netcheck, whois, serve status). There are no unrelated binaries or credentials requested.
Instruction Scope
SKILL.md claims a command whitelist and IP masking of public addresses. The CLI subparsers restrict available commands to read-only operations. Minor implementation notes: the READ_COMMANDS constant is defined but not programmatically enforced (the argparse subparsers provide the actual restriction). IP masking is applied to the final text output and to the printed JSON string; the internal structured summary returned by get_status_json is not masked until it is serialized and printed. This is coherent for CLI use but means code-level consumers of the raw dict would see unmasked structured fields (Tailscale IPs are kept unmasked by design).
Install Mechanism
No install spec; instruction-only skill that requires the tailscale CLI to be present. There are no downloads or external install URLs in the package.
Credentials
The skill declares no environment variables or credentials. It invokes the tailscale binary, which uses the system's Tailscale daemon and its existing auth state; the script itself does not read config files, tokens, or unrelated secrets.
Persistence & Privilege
always:false and normal user-invocable/autonomous settings. The skill does not request persistent presence, nor does it modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install lookupmark-tailscale-manager - 安装完成后,直接呼叫该 Skill 的名称或使用
/lookupmark-tailscale-manager触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
IP masking in JSON output, improved IPv6 regex
v1.2.0
Fixed: IP masking now happens AFTER JSON parsing, not before. Added tailscale CLI dependency in metadata. Cleaner separation of raw vs masked output.
v1.1.0
IPv6 public IP masking added.
v1.0.0
Initial release. Status, devices, ping, netcheck, serve-status. Public IP masking. Read-only commands.
元数据
常见问题
Tailscale Manager 是什么?
Manage Tailscale tailnet from chat. Check status, list devices, ping hosts, run network diagnostics, check serve/funnel config. All public IPs are automatica... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 152 次。
如何安装 Tailscale Manager?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install lookupmark-tailscale-manager」即可一键安装,无需额外配置。
Tailscale Manager 是免费的吗?
是的,Tailscale Manager 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Tailscale Manager 支持哪些平台?
Tailscale Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Tailscale Manager?
由 LookUpMark(@lookupmark)开发并维护,当前版本 v1.3.0。
推荐 Skills