kickinrad/tailscale-setup
plugins/bridgey/skills/tailscale-setup/SKILL.md
First-time Tailscale mesh network configuration for bridgey. Updates daemon binding for tailnet access and runs initial peer scan.
data-ai
Updated Apr 17, 2026
$ install --global
skillsauthnpx skillsauth add kickinrad/bridgey tailscale-setupInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 10:41 AM16.1s1 file scanned
SKILL.md
- name:
- tailscale-setup
- description:
- First-time Tailscale mesh network configuration for bridgey. Updates daemon binding for tailnet access and runs initial peer scan.
- user_invocable:
- true
bridgey Tailscale Setup
Configure bridgey for Tailscale mesh network discovery.
Steps
-
Check Tailscale is running: Run
tailscale statusvia Bash. If it fails, tell the user to install Tailscale (https://tailscale.com/download) or runtailscale up. -
Find bridgey config: Look for bridgey's config at
~/.bridgey/bridgey.config.jsonor check the bridgey plugin'sbridgey.config.json. If not found, tell the user to run/bridgey:setupfirst. -
Update bridgey daemon binding: Read the bridgey config file. Update two fields:
- Set
bindto"0.0.0.0" - Set
"trusted_networks"— merge Tailscale CIDR with any existing entries:- Always add:
"100.64.0.0/10"(Tailscale IPs) - If running in Docker, also add:
"172.16.0.0/12"and"10.0.0.0/8"(Docker bridge/overlay) Write the updated config back. Explain to the user: "This binds your bridgey daemon to all interfaces but only accepts unauthenticated connections from Tailscale IPs (100.64.0.0/10). Other sources still need a bearer token."
- Always add:
- Set
-
Restart bridgey daemon: Stop and start the daemon (if dist/daemon.js is missing, run
npm run buildfrom plugins/bridgey/ first):node ${CLAUDE_PLUGIN_ROOT}/dist/daemon.js stop node ${CLAUDE_PLUGIN_ROOT}/dist/daemon.js start --config <config-path>Verify it restarted successfully:
curl -s http://localhost:<port>/health | jq .Expected:
{"status":"ok",...}. If it fails, check~/.bridgey/daemon.logfor errors. -
Write tailscale config: Create
~/.bridgey/tailscale.config.jsonwith defaults:{ "bridgey_port": <port from bridgey config>, "probe_timeout_ms": 2000, "exclude_peers": [], "scan_on_session_start": true } -
Run first scan: Use the
tailscale_scanMCP tool to discover peers. Display the results. -
Remind the user: Other devices on the tailnet also need bridgey with Tailscale configured to be discoverable. Tell them to run
/bridgey:tailscale-setupon each device.
Related Skills
kickinrad/bridgey
testing
VerifiedTrustedCommunity
This skill should be used when the user asks to "set up bridgey", "configure bridgey", "initialize bridgey", "bridgey setup", "check bridgey status", "show bridgey agents", "is bridgey running", "bridgey health", "show connected agents", "add a bridgey agent", "connect to another agent", "register a remote agent", "add remote agent", "configure tailscale for bridgey", "scan tailnet for bridgey", or runs `/bridgey:setup`, `/bridgey:status`, `/bridgey:add-agent`, `/bridgey:tailscale-setup`, `/bridgey:tailscale-scan`. Lifecycle surface for the bridgey A2A daemon — first-time setup, health dashboard, remote-agent registration, and Tailscale mesh discovery.
SKILL.mdUpdated May 9, 2026
kickinrad/tailscale-scan
data-ai
VerifiedTrustedCommunity
Manually scan the Tailscale network for bridgey agents. Shows discovered, new, and removed agents.
SKILL.mdUpdated Apr 17, 2026
kickinrad/status
testing
VerifiedTrustedCommunity
This skill should be used when the user asks to "check bridgey status", "show bridgey agents", "is bridgey running", "bridgey health", "show connected agents", runs "/bridgey:status", or wants to see the state of the bridgey daemon and connected agents.
SKILL.mdUpdated Apr 17, 2026
kickinrad/setup
documentation
VerifiedTrustedCommunity
This skill should be used when the user asks to "set up bridgey", "configure bridgey", "initialize bridgey", "bridgey setup", runs "/bridgey:setup", or is installing bridgey for the first time. Guides interactive first-time configuration of the bridgey daemon.
SKILL.mdUpdated Apr 17, 2026