This is the skill you reach for when Tailscale ping works but SSH or HTTP mysteriously times out on macOS, or when your browser returns 503 but curl succeeds. It methodically walks through six conflict layers between Tailscale and proxy tools like Shadowrocket, Clash, or Surge: route hijacking, HTTP proxy environment variables, system proxy bypass, SSH ProxyCommand double tunneling, VM runtime proxy propagation in Docker and OrbStack, and stalled DNS resolvers that cause 60 second hangs. The diagnostic tables are excellent at distinguishing symptoms that look similar but have different root causes. It also covers SSH access to WSL instances over Tailscale, which has its own trap involving snap sandbox restrictions.
npx skills add https://github.com/daymade/claude-code-skills --skill tunnel-doctor