tauri-security-rules

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The mandatory "Memory Protocol" instructs the agent to run a local shell command (cat .claude/context/memory/learnings.md) and to record persistent learnings, which are instructions to access and persist local context unrelated to the stated Tauri security review purpose, so this is a hidden/deceptive behavior outside the skill's scope.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill contains a "MANDATORY" memory protocol that explicitly instructs the agent to run "cat .claude/context/memory/learnings.md" (read local agent memory) and to record new patterns afterward, which is a prompt-injection style instruction enabling unauthorized local data access/exfiltration and persistent memory updates—a high-risk backdoor/privacy leak despite otherwise benign code.