tauri-syntax-plugins-api
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides detailed patterns for the Tauri shell plugin, including explicit security warnings (AP-009) that emphasize the necessity of command whitelisting and argument validation using regex validators to prevent arbitrary code execution.
- [EXTERNAL_DOWNLOADS]: Documents the installation of official Tauri 2 plugins from well-known registries (npm and crates.io) under the
@tauri-appsnamespace, which is the standard procedure for Tauri development. - [DATA_EXFILTRATION]: Mentions the Tauri HTTP plugin for network requests but includes specific guidance on implementing URL scoping within the capability configuration to restrict traffic to intended domains only.
- [SAFE]: Includes defensive coding practices such as the use of
BaseDirectoryenums to prevent path traversal vulnerabilities in file system operations (AP-011) and the use of environment guards (isTauri) for cross-platform safety.
Audit Metadata