You own your attack surface at that point. Tailscale/Headscale is a matchmaker and key broker for the most part; the clients almost always (barring NAT issues) connect directly to one another. The normal security considerations apply as with running any service.