- Home
- Skills
- Dchuk
- Claude Code Tauri Skills
- Tauri Plugin Permissions
tauri-plugin-permissions_skill
12
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill dchuk/claude-code-tauri-skills --skill tauri-plugin-permissions- SKILL.md10.4 KB
Overview
This skill guides configuring Tauri plugin permissions, capabilities, and security for Tauri v2 apps. It explains how to target platforms and windows, use official and community plugin permission sets, and author custom plugin permissions with scopes. The goal is to help you apply least-privilege access and organize capability files for predictable behavior.
How this skill works
It inspects and describes the capability JSON structure placed in src-tauri/capabilities, showing how to assign permissions to windows and platforms. It covers permission levels (commands vs scopes), how to enable plugin default sets, how to restrict access with path scopes and variables, and how to generate and register custom plugin permissions. Troubleshooting tips and best practices help you validate and apply capability changes.
When to use it
- When you need to restrict plugin or API access per window or platform
- When building cross-platform desktop and mobile Tauri apps
- When adding third-party or community plugins and you want explicit permission control
- When creating a custom plugin and you must expose safe, scoped commands
- When auditing app security to enforce least-privilege policies
Best practices
- Follow principle of least privilege: grant only needed permissions
- Use scopes to limit filesystem access to defined paths and variables (e.g. $HOME, $APP)
- Separate capabilities by window so UI surfaces only get necessary access
- Target capabilities by platform to avoid granting mobile privileges on desktop and vice versa
- Provide descriptive identifiers and document why each permission is required
Example use cases
- Desktop app: give main window filesystem and dialog access, limit settings window to app-only files
- Mobile app: enable camera and notification permissions only on android and ios capability files
- Plugin adoption: enable plugin-name:default in capability to get baseline access, then add scoped permissions as needed
- Custom plugin: auto-generate allow/deny commands for read/write/delete and expose tiered permission sets (default, read-write, full-access)
- Cross-platform distribution: keep desktop.json and mobile.json capability files to separate platform permissions
FAQ
Use a scope object for the permission with allow paths, e.g. { "identifier":"fs:allow-read", "allow":[{"path":"$HOME/Documents/**"}] }.
Why is a capability not applied after changes?
Ensure the file is in src-tauri/capabilities, the windows array matches your window labels, platforms include your OS, and rebuild the app after changes.