oimiragieo-tauri-native-api-integration
SKILL.md
Tauri Native Api Integration Skill
- Utilize Tauri's APIs for native desktop integration (file system access, system tray, etc.).
- Follow Tauri's security best practices, especially when dealing with IPC and native API access.
- Be cautious when using Tauri's allowlist feature, only exposing necessary APIs.
Iron Laws
- NEVER expose all Tauri commands without an allowlist — use explicit permission-based access
- ALWAYS validate all IPC inputs on the Rust side — never trust the frontend
- NEVER perform synchronous I/O in Tauri command handlers — always use async
- ALWAYS use
tauri-spectato generate TypeScript types from Rust structs for type safety - NEVER transfer large data synchronously over IPC — use streaming or chunking
Anti-Patterns
| Anti-Pattern | Why It Fails | Correct Approach |
|---|---|---|
| No command allowlist | All Rust functions exposed to frontend; attack surface maximized | Allowlist only specific commands needed by the frontend |
| Trusting frontend input | Malicious payloads can exploit Rust code | Validate and sanitize all IPC inputs on the Rust side |
| Synchronous I/O in commands | Blocks the Tauri event loop; UI freezes | Use async Rust for all I/O operations in command handlers |
| Missing TypeScript types | Runtime type mismatches between Rust and frontend | Use tauri-specta to generate TypeScript types from Rust structs |
| Large synchronous data transfers | IPC bottleneck causes UI stuttering | Stream or chunk large data; avoid transferring full datasets over IPC |
Memory Protocol (MANDATORY)
Before starting:
cat .claude/context/memory/learnings.md
After completing: Record any new patterns or exceptions discovered.
ASSUME INTERRUPTION: Your context may reset. If it's not in memory, it didn't happen.
Weekly Installs
1
Source
smithery.ai/ski…egrationFirst Seen
12 days ago
Installed on
kilo1
windsurf1
zencoder1
crush1
amp1
cline1