ReddRadar
Agent skill
tauri-security
Configure Tauri v2 capabilities, scoped access rules, and ACL-based permission control for production apps. Use when generating capabilities/default.json, defining scoped access per plugin, or auditing permissions for minimum-privilege compliance.
Install this agent skill to your Project
npx add-skill https://github.com/partme-ai/full-stack-skills/tree/main/skills/tauri-skills/tauri-security
SKILL.md
When to use this skill
ALWAYS use this skill when the user mentions:
- Capability or scope design for Tauri v2
- Building or editing capabilities/default.json
- ACL-based permission control or audit
Trigger phrases include:
- "capabilities", "scope", "ACL", "permissions", "capabilities json", "minimum privilege"
How to use this skill
- Create capabilities/default.json in
src-tauri/capabilities/:json{ "identifier": "default", "description": "Main window capabilities", "windows": ["main"], "permissions": [ "core:default", "dialog:allow-open", { "identifier": "fs:allow-read-text-file", "allow": [{ "path": "$APPDATA/**" }] }, { "identifier": "http:default", "allow": [{ "url": "https://api.example.com/**" }] } ] } - Map features to capabilities: Each feature should use the minimum permissions required
- Define scoped access to restrict file paths, URLs, and other resources:
json
{ "identifier": "fs:allow-write-text-file", "allow": [{ "path": "$APPDATA/config/**" }] } - Assign capabilities per window -- different windows can have different permission sets
- Audit permissions before release: remove any unused permissions, verify scope restrictions
- Validate at runtime by testing that restricted operations correctly fail outside their scope
Outputs
- capabilities/default.json with minimal permissions
- Feature-to-capability mapping
- Scoped access rules for files, URLs, and plugins
- Permission audit checklist
References
Keywords
tauri security, capabilities, scope, ACL, permissions, minimum privilege
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
partme-ai/full-stack-skills
ocrmypdf-batch
OCRmyPDF batch processing skill — process multiple PDFs, Docker automation, shell scripting, and CI/CD integration. Use when the user needs to OCR many PDFs, set up automated OCR pipelines, or integrate OCR into workflows.
partme-ai/full-stack-skills
ocrmypdf-optimize
OCRmyPDF optimization skill — compress PDFs, configure PDF/A output, JBIG2 encoding, and lossless optimization. Use when the user needs to reduce PDF file size, create archival PDF/A files, or optimize OCR output.
partme-ai/full-stack-skills
ocrmypdf-image
OCRmyPDF image processing skill — deskew, rotate, clean, despeckle, remove border from scanned documents. Use when the user needs to improve scanned PDF quality, fix skewed pages, remove noise, or clean up scanned documents before OCR.
partme-ai/full-stack-skills
ocrmypdf-api
OCRmyPDF Python API and plugin skill — use OCRmyPDF programmatically from Python, integrate with applications, and extend with plugins (EasyOCR, PaddleOCR, AppleOCR). Use when the user needs to call OCRmyPDF from Python code, build OCR pipelines, or use alternative OCR engines.
partme-ai/full-stack-skills
ocrmypdf
OCRmyPDF core skill — add searchable OCR text layer to scanned PDFs, convert images to searchable PDFs, support 100+ languages via Tesseract. Use when the user needs to OCR a PDF, make a scanned PDF searchable, or extract text from scanned documents.
partme-ai/full-stack-skills
svelte
Guides Svelte and SvelteKit development including reactive components, stores, transitions, lifecycle hooks, SSR, file-based routing, and deployment. Use when the user needs to build Svelte components, create SvelteKit applications, implement reactivity patterns, or configure Svelte with Vite.
Didn't find tool you were looking for?