rust_skill
- Shell
25
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill martinholovsky/claude-skills-generator --skill rust- SKILL.md14.7 KB
Overview
This skill delivers systems programming expertise for building Tauri desktop backends in Rust with a focus on memory safety, secure boundaries, and performance. It codifies patterns for ownership, async concurrency, safe FFI, secure IPC, and practical mitigations for known command and unsafe-code risks. Use it to design, implement, and audit Rust components in Tauri apps with test-first and security-first practices.
How this skill works
The skill inspects common boundary and performance concerns: input validation for Tauri commands, safe wrappers around FFI and unsafe blocks, allowlisted command execution, canonicalized file handling to prevent traversal, and async state management patterns using Arc/RwLock. It prescribes test-driven workflows, dependency checks (cargo-audit), and clear error serialization to avoid leaking internals.
When to use it
- Implementing Tauri commands that accept external input from webview or plugins
- Integrating native libraries via FFI where unsafe invariants must be enforced
- Optimizing hot paths for low-latency desktop workflows
- Hardening file and command operations against injection and traversal
- Setting up shared async state safely across Tauri command handlers
Best practices
- TDD first: write failing tests before implementation and keep cargo test in CI
- Minimize unsafe: isolate unsafe code, document safety invariants with // SAFETY:, and provide safe wrappers
- Validate at boundaries: use serde + validator and newtypes to enforce schema and semantic invariants
- Avoid shells: run external programs with Command::new and use allowlists for allowed binaries
- Profile before optimizing: prefer zero-cost abstractions and iterator chains before unsafe micro-optimizations
- Audit deps and lint: run cargo-audit, cargo clippy -- -D warnings, and nightly memory checks as part of pipeline
Example use cases
- A Tauri command that creates users: validate input, return structured AppError, and test both success and failure paths
- Safe file storage: canonicalize user paths with dunce and reject path traversal attempts
- Executing developer tools from the app: enforce allowlist and return sanitized outputs
- FFI wrapper around a C library: validate inputs, check pointers, and expose a safe Rust API
- High-throughput telemetry: use object pools, zero-copy iterators, and spawn_blocking for CPU-bound work
FAQ
Load secrets from environment or an encrypted store plugin; never hardcode keys. Prefer platform secure storage or encrypted plugin-backed files.
When is unsafe justified?
Use unsafe only when performance or FFI requires it, keep it minimal, document the invariants in // SAFETY: comments, and encapsulate it behind safe APIs with tests.