Safety Report

Perry Workspaces

Name: Perry Workspaces
Rating: 5 (2 reviews)
Author: gricha

Create and manage isolated Docker workspaces on your tailnet with Claude Code and OpenCode pre-installed. Use when working with Perry workspaces, connecting to coding agents, or managing remote development environments.

2,194Downloads

5Installs

2Stars

2Versions

DevOps & Infrastructure1,045

Security Analysis

medium confidence

Clean

The skill's instructions match a workspace-management purpose but metadata is incomplete and the skill assumes privileged network/SSH tooling that isn't declared or sourced — proceed with caution.

Mar 7, 20261 files2 concerns

Purpose & Capabilityconcern

The SKILL.md relies on external tooling (perry CLI, ssh, tailscale, a running Claude/OpenCode inside containers, and SSH keys for [email protected]) but the registry metadata declares no required binaries, env vars, or sources. That mismatch is unexpected and unexplained for a workspace manager.

Instruction Scopeok

Runtime instructions are narrowly focused on creating/listing/stopping/removing workspaces and SSHing into them. They do not instruct reading host files or exporting secrets. However, the guidance expects the agent/user to run interactive shells inside remote containers, which grants broad remote execution capability (expected for this tool but worth noting).

Install Mechanismok

No install spec and no code files — lower disk/write risk. The skill is instruction-only, so it won't drop archives or install packages itself. The tradeoff is that required external binaries must already be present on the host.

Credentialsnote

No environment variables or credentials are declared, but the instructions implicitly require network access, Tailscale authentication, SSH private keys (for ssh and [email protected] cloning), and reachable container services (OpenCode/Claude). The skill should have declared these expectations explicitly.

Persistence & Privilegeok

always:false and no install actions — the skill does not request persistent system presence or modify other skills. Model invocation is enabled (default), which means the agent could call this skill autonomously; that is normal but combine with the above gaps when deciding trust.

Guidance

This skill appears to be an instruction set for a workspace manager but omits key operational details and has no source or homepage. Before installing: 1) Ask the publisher for the source repository or documentation and require the skill metadata to list required binaries (perry, ssh, tailscale) and any needed credentials. 2) Ensure you have Tailscale access and SSH keys configured — the SKILL.md assumes these but does not manage them. 3) Understand that using the skill will let the agent open interactive shells on remote containers (remote command execution); only allow that if you trust the remote workloads and network. 4) Prefer skills with a verifiable homepage or source; with an unknown origin, consider running any actions in a sandboxed environment and do not supply unrelated credentials.

Latest Release

v1.1.0

Trimmed 3KB to 1.3KB - more concise

More by @gricha

Workout

2 stars

Perry Coding Agents

2 stars

Dex Task Tracking

0 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Published by @gricha on ClawHub