tauri-framework-security
$ npx mdskill add partme-ai/full-stack-skills/tauri-framework-security
Harden Tauri v2 apps with baseline security controls like CSP, headers, and capability matrices for audits or production.
- Helps secure Tauri applications by configuring essential security measures during development or audits.
- Integrates with Tauri v2 framework, focusing on CSP, HTTP headers, and runtime authority settings.
- Triggers on phrases like 'security hardening' or 'CSP' to recommend specific configurations and permissions.
- Presents results through structured examples in JSON and tables for easy implementation.
SKILL.md
.github/skills/tauri-framework-security
---
name: tauri-framework-security
description: "Harden a Tauri v2 app with baseline security controls including CSP, HTTP headers, runtime authority, and capability matrices. Use when performing security audits, configuring CSP/headers per window, or building a minimum-privilege capability matrix for production."
license: Complete terms in LICENSE.txt
---
## When to use this skill
**ALWAYS use this skill when the user mentions:**
- Tauri v2 security hardening or audit
- CSP, HTTP headers, or runtime authority configuration
- Building a capability matrix for minimum-privilege access
**Trigger phrases include:**
- "security hardening", "CSP", "security audit", "capability matrix", "runtime authority"
## How to use this skill
1. **Build a capability matrix** mapping each feature to minimum-required permissions:
```
Feature         | Plugin       | Permission                | Scope
Read user files | fs           | fs:allow-read-text-file   | $DOCUMENT/**
Send API calls  | http         | http:default              | https://api.example.com/**
Notifications   | notification | notification:allow-notify | (no scope)
```
2. **Configure CSP** in `tauri.conf.json`:
```json
{ "app": { "security": { "csp": "default-src 'self'; connect-src 'self' https://api.example.com" } } }
```
3. **Set HTTP headers** for additional security:
```json
{ "app": { "security": { "headers": { "X-Content-Type-Options": "nosniff" } } } }
```
4. **Review runtime authority**: Ensure each window has only the capabilities it needs
5. **Audit plugin permissions** against actual usage -- remove any permissions not actively required
6. **Produce a release security checklist**: CSP validated, headers set, capabilities minimized, no debug permissions in production
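An added example for steps 4 and 5, not part of the original skill: a Node.js check that compares the permissions in a Tauri v2 capability file with the matrix from step 1. `auditCapability`, the `matrix` map and the sample capability are hypothetical names and constructed data; the scope keys `path` and `url` follow the fs and http plugin scope format.

```javascript
// Constructed sample: the step 1 matrix, permission id -> allowed scopes.
// null means the permission takes no scope.
const matrix = new Map([
  ["fs:allow-read-text-file", ["$DOCUMENT/**"]],
  ["http:default", ["https://api.example.com/**"]],
  ["notification:allow-notify", null],
]);

// Constructed sample in the Tauri v2 capability file format; it drifts from
// the matrix on purpose so the audit has something to report.
const capability = {
  identifier: "main-capability",
  windows: ["*"],
  permissions: [
    { identifier: "fs:allow-read-text-file", allow: [{ path: "$HOME/**" }] },
    { identifier: "http:default", allow: [{ url: "https://api.example.com/**" }] },
    "notification:allow-notify",
    "shell:allow-execute",
  ],
};

// Hypothetical helper: compare one capability with the matrix, return findings.
function auditCapability(cap, allowed) {
  const findings = [];
  if ((cap.windows || []).includes("*")) {
    findings.push(`${cap.identifier}: windows "*" grants this to every window`);
  }
  for (const entry of cap.permissions || []) {
    const id = typeof entry === "string" ? entry : entry.identifier;
    if (!allowed.has(id)) {
      findings.push(`${id}: granted but not in the matrix`);
      continue;
    }
    const expected = allowed.get(id);
    if (expected === null) continue; // unscoped permission, nothing to compare
    // Scope entries carry "path" (fs plugin) or "url" (http plugin).
    const scopes = (entry.allow || []).map((s) => s.path || s.url);
    if (scopes.length === 0) findings.push(`${id}: no scope set`);
    for (const s of scopes) {
      if (!expected.includes(s)) findings.push(`${id}: scope ${s} not in the matrix`);
    }
  }
  return findings;
}

console.log(auditCapability(capability, matrix).join("\n"));
```

An empty result means the capability grants nothing beyond the matrix; each finding is a line item for the release checklist in step 6.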
## Outputs
- Capability matrix with minimal scope per feature
- CSP and HTTP headers configuration
- Release security audit checklist
## References
- https://v2.tauri.app/security/
- https://v2.tauri.app/security/capabilities/
- https://v2.tauri.app/security/csp/
## Keywords
tauri security, CSP, hardening, capability matrix, runtime authority, audit