tauri-security

$npx mdskill add partme-ai/full-stack-skills/tauri-security

Configures Tauri v2 capabilities, scoped access rules, and ACL-based permissions for secure production apps.

  • Helps design and audit permissions to enforce minimum-privilege compliance in applications.
  • Integrates with Tauri v2 for generating capabilities/default.json and defining plugin-specific scopes.
  • Triggers on mentions of capabilities, ACL, or permissions to recommend secure configurations.
  • Presents results as JSON code snippets for capabilities and scoped access rules.
SKILL.md
.github/skills/tauri-securityView on GitHub ↗
---
name: tauri-security
description: "Configure Tauri v2 capabilities, scoped access rules, and ACL-based permission control for production apps. Use when generating capabilities/default.json, defining scoped access per plugin, or auditing permissions for minimum-privilege compliance."
license: Complete terms in LICENSE.txt
---


## When to use this skill

**ALWAYS use this skill when the user mentions:**
- Capability or scope design for Tauri v2
- Building or editing capabilities/default.json
- ACL-based permission control or audit

**Trigger phrases include:**
- "capabilities", "scope", "ACL", "permissions", "capabilities json", "minimum privilege"

## How to use this skill

1. **Create capabilities/default.json** in `src-tauri/capabilities/`:
   ```json
   {
     "identifier": "default",
     "description": "Main window capabilities",
     "windows": ["main"],
     "permissions": [
       "core:default",
       "dialog:allow-open",
       { "identifier": "fs:allow-read-text-file", "allow": [{ "path": "$APPDATA/**" }] },
       { "identifier": "http:default", "allow": [{ "url": "https://api.example.com/**" }] }
     ]
   }
   ```
2. **Map features to capabilities**: Each feature should use the minimum permissions required
3. **Define scoped access** to restrict file paths, URLs, and other resources:
   ```json
   { "identifier": "fs:allow-write-text-file", "allow": [{ "path": "$APPDATA/config/**" }] }
   ```
4. **Assign capabilities per window** -- different windows can have different permission sets
5. **Audit permissions** before release: remove any unused permissions, verify scope restrictions
6. **Validate at runtime** by testing that restricted operations correctly fail outside their scope

## Outputs

- capabilities/default.json with minimal permissions
- Feature-to-capability mapping
- Scoped access rules for files, URLs, and plugins
- Permission audit checklist

## References

- https://v2.tauri.app/security/capabilities/
- https://v2.tauri.app/security/scope/

## Keywords

tauri security, capabilities, scope, ACL, permissions, minimum privilege
More from partme-ai/full-stack-skills