The Agent Skills Directory

[SAFE]: The skill documents the Tauri 2.x framework with a strong emphasis on security best practices.
[COMMAND_EXECUTION]: The skill describes the use of the Tauri Shell plugin for opening URLs and executing sidecar binaries (e.g., ffmpeg). It correctly advises users to use the capability system to restrict shell access to specific, pre-defined commands and arguments, following the principle of least privilege.
[EXTERNAL_DOWNLOADS]: The skill provides instructions for the Tauri Auto-updater plugin. This is a standard framework feature for application distribution and is documented using generic example endpoints. It includes security requirements such as code signing and public key verification.
[DATA_EXFILTRATION]: No exfiltration patterns were found. Filesystem and network access are documented within the context of the Tauri permission system, which requires explicit developer configuration to enable.
[PROMPT_INJECTION]: No malicious prompt injection or behavior override instructions were detected. The use of 'CRITICAL' and 'IMPORTANT' headers is appropriate for highlighting technical requirements and standard software maintenance tasks (e.g., cleaning up event listeners).
[INDIRECT_PROMPT_INJECTION]: The skill correctly identifies the attack surface where a Tauri backend (Rust) processes data from a frontend (Webview). It provides mitigations for this surface by documenting Content Security Policy (CSP) configurations and granular window-based permissions.

desktop-framework-tauri