Agent-Skills.md

Agent Skills: tauri-security

Configure Tauri v2 capabilities, scoped access rules, and ACL-based permission control for production apps. Use when generating capabilities/default.json, defining scoped access per plugin, or auditing permissions for minimum-privilege compliance.

UncategorizedID: teachingai/full-stack-skills/tauri-security

Repository

teachingai/full-stack-skills
partme-aiLicense: NOASSERTION
20635

Install this agent skill to your local

pnpm dlx add-skill https://github.com/partme-ai/full-stack-skills/tree/HEAD/skills/tauri-skills/tauri-security

Skill Files

Browse the full folder contents for tauri-security.

Download Skill

Loading file tree…

skills/tauri-skills/tauri-security/SKILL.md

Skill Metadata

Name
tauri-security
Description
"Configure Tauri v2 capabilities, scoped access rules, and ACL-based permission control for production apps. Use when generating capabilities/default.json, defining scoped access per plugin, or auditing permissions for minimum-privilege compliance."

When to use this skill

ALWAYS use this skill when the user mentions:

  • Capability or scope design for Tauri v2
  • Building or editing capabilities/default.json
  • ACL-based permission control or audit

Trigger phrases include:

  • "capabilities", "scope", "ACL", "permissions", "capabilities json", "minimum privilege"

How to use this skill

  1. Create capabilities/default.json in src-tauri/capabilities/: 
    {
  "identifier": "default",
  "description": "Main window capabilities",
  "windows": ["main"],
  "permissions": [
    "core:default",
    "dialog:allow-open",
    { "identifier": "fs:allow-read-text-file", "allow": [{ "path": "$APPDATA/**" }] },
    { "identifier": "http:default", "allow": [{ "url": "https://api.example.com/**" }] }
  ]
}
  2. Map features to capabilities: Each feature should use the minimum permissions required
  3. Define scoped access to restrict file paths, URLs, and other resources: 
    { "identifier": "fs:allow-write-text-file", "allow": [{ "path": "$APPDATA/config/**" }] }
  4. Assign capabilities per window -- different windows can have different permission sets
  5. Audit permissions before release: remove any unused permissions, verify scope restrictions
  6. Validate at runtime by testing that restricted operations correctly fail outside their scope

Outputs

  • capabilities/default.json with minimal permissions
  • Feature-to-capability mapping
  • Scoped access rules for files, URLs, and plugins
  • Permission audit checklist

References

  • https://v2.tauri.app/security/capabilities/
  • https://v2.tauri.app/security/scope/

Keywords

tauri security, capabilities, scope, ACL, permissions, minimum privilege