tauri

Installation
SKILL.md

Tauri Patterns

Reference Repositories

  • Tauri: Desktop app framework with Rust backend and web frontend

Upstream Grounding

When Tauri command behavior, permissions, capabilities, CSP, asset protocols, path APIs, plugin filesystem behavior, or IPC semantics affect correctness, use source-backed grounding before relying on memory. If DeepWiki MCP is available, ask a narrow question against tauri-apps/tauri; if it is unavailable or the repo is not indexed, use upstream source or official docs directly. Treat DeepWiki as orientation, then verify decisive details against local generated bindings, installed Rust crates, TypeScript types, source, or official docs before changing code.

Skip DeepWiki for repo-local command naming and app-specific wrapper conventions already visible in the code.

Commands, Permissions, And Security

  • Expose focused Rust APIs with #[tauri::command], register them with generate_handler!, and return Result<T, E> for fallible work.
  • Validate command inputs on the Rust side. TypeScript callers are not the trust boundary.
  • Keep capabilities least-privilege in app.security.capabilities, scoped to the windows or webviews that need them. Avoid broad permission wildcards.
  • Treat CSP, devCsp, asset protocol configuration, convertFileSrc, freezePrototype, and remote IPC as security-sensitive config.
  • Long-lived Rust objects should be Tauri resources with frontend ResourceIds. Do not serialize complex long-lived objects through command responses.
Installs
100
GitHub Stars
4.7K
First Seen
Jan 27, 2026
tauri — epicenterhq/epicenter