Generate secure main process and preload script boilerplate with proper context isolation, IPC patterns, and security best practices for Electron applications
Generates secure Electron main process and preload scripts with context isolation and IPC best practices.
npx claudepluginhub a5c-ai/babysitterThis skill is limited to using the following tools:
README.mdGenerate secure Electron main process and preload scripts with proper context isolation, secure IPC patterns, and comprehensive security best practices. This skill creates production-ready boilerplate that follows Electron security guidelines.
main.js/main.ts) with proper window configuration{
"type": "object",
"properties": {
"projectPath": {
"type": "string",
"description": "Path to the Electron project root"
},
"language": {
"enum": ["javascript", "typescript"],
"default": "typescript"
},
"features": {
"type": "array",
"items": {
"enum": [
"contextIsolation",
"sandbox",
"csp",
"ipcChannels",
"permissionHandler",
"protocolHandler",
"deepLinking",
"autoUpdater",
"tray",
"multiWindow"
]
},
"default": ["contextIsolation", "sandbox", "csp", "ipcChannels"]
},
"ipcChannels": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": { "type": "string" },
"direction": { "enum": ["toMain", "toRenderer", "bidirectional"] },
"description": { "type": "string" },
"requestSchema": { "type": "object" },
"responseSchema": { "type": "object" }
},
"required": ["name", "direction"]
},
"description": "Define IPC channels for the application"
},
"windowConfig": {
"type": "object",
"properties": {
"width": { "type": "number", "default": 1200 },
"height": { "type": "number", "default": 800 },
"minWidth": { "type": "number" },
"minHeight": { "type": "number" },
"frame": { "type": "boolean", "default": true },
"transparent": { "type": "boolean", "default": false },
"titleBarStyle": { "enum": ["default", "hidden", "hiddenInset", "customButtonsOnHover"] }
}
},
"cspPolicy": {
"type": "object",
"properties": {
"defaultSrc": { "type": "array", "items": { "type": "string" } },
"scriptSrc": { "type": "array", "items": { "type": "string" } },
"styleSrc": { "type": "array", "items": { "type": "string" } },
"imgSrc": { "type": "array", "items": { "type": "string" } },
"connectSrc": { "type": "array", "items": { "type": "string" } }
}
}
},
"required": ["projectPath"]
}
{
"type": "object",
"properties": {
"success": { "type": "boolean" },
"files": {
"type": "array",
"items": {
"type": "object",
"properties": {
"path": { "type": "string" },
"type": { "enum": ["main", "preload", "types", "utils"] },
"description": { "type": "string" }
}
}
},
"securityChecklist": {
"type": "array",
"items": {
"type": "object",
"properties": {
"check": { "type": "string" },
"status": { "enum": ["implemented", "recommended", "optional"] },
"details": { "type": "string" }
}
}
},
"warnings": { "type": "array", "items": { "type": "string" } }
},
"required": ["success", "files"]
}
src/
main/
main.ts # Main process entry point
ipc-handlers.ts # IPC handler implementations
window-manager.ts # Multi-window management (optional)
protocol-handler.ts # Custom protocol registration (optional)
permission-handler.ts # Permission request handling
preload/
preload.ts # Preload script with contextBridge
api.ts # Exposed API definitions
shared/
ipc-channels.ts # IPC channel definitions
types.ts # Shared TypeScript types
import { app, BrowserWindow, session, ipcMain } from 'electron';
import path from 'path';
// Security: Disable remote module (deprecated but check)
app.disableHardwareAcceleration(); // Optional: for headless environments
function createWindow(): BrowserWindow {
const mainWindow = new BrowserWindow({
width: 1200,
height: 800,
webPreferences: {
// Security settings
nodeIntegration: false, // Never enable in production
contextIsolation: true, // Always enable
sandbox: true, // Enable sandbox
webSecurity: true, // Keep enabled
allowRunningInsecureContent: false,
preload: path.join(__dirname, 'preload.js'),
},
});
// Content Security Policy
session.defaultSession.webRequest.onHeadersReceived((details, callback) => {
callback({
responseHeaders: {
...details.responseHeaders,
'Content-Security-Policy': [
"default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'"
]
}
});
});
// Permission handling
session.defaultSession.setPermissionRequestHandler((webContents, permission, callback) => {
const allowedPermissions = ['clipboard-read', 'notifications'];
callback(allowedPermissions.includes(permission));
});
return mainWindow;
}
import { contextBridge, ipcRenderer } from 'electron';
// Define allowed channels
const VALID_CHANNELS = {
toMain: ['save-file', 'open-dialog', 'app-settings'],
fromMain: ['file-saved', 'update-available', 'settings-changed'],
} as const;
type ToMainChannel = typeof VALID_CHANNELS.toMain[number];
type FromMainChannel = typeof VALID_CHANNELS.fromMain[number];
// Expose protected methods via contextBridge
contextBridge.exposeInMainWorld('electronAPI', {
// Send to main process (one-way)
send: (channel: ToMainChannel, data: unknown) => {
if (VALID_CHANNELS.toMain.includes(channel)) {
ipcRenderer.send(channel, data);
}
},
// Invoke main process and wait for response
invoke: async <T>(channel: ToMainChannel, data?: unknown): Promise<T> => {
if (VALID_CHANNELS.toMain.includes(channel)) {
return ipcRenderer.invoke(channel, data);
}
throw new Error(`Invalid channel: ${channel}`);
},
// Subscribe to main process events
on: (channel: FromMainChannel, callback: (...args: unknown[]) => void) => {
if (VALID_CHANNELS.fromMain.includes(channel)) {
const subscription = (_event: Electron.IpcRendererEvent, ...args: unknown[]) =>
callback(...args);
ipcRenderer.on(channel, subscription);
// Return unsubscribe function
return () => {
ipcRenderer.removeListener(channel, subscription);
};
}
return () => {};
},
// One-time listener
once: (channel: FromMainChannel, callback: (...args: unknown[]) => void) => {
if (VALID_CHANNELS.fromMain.includes(channel)) {
ipcRenderer.once(channel, (_event, ...args) => callback(...args));
}
},
});
// types/electron-api.d.ts
export interface ElectronAPI {
send: (channel: string, data: unknown) => void;
invoke: <T>(channel: string, data?: unknown) => Promise<T>;
on: (channel: string, callback: (...args: unknown[]) => void) => () => void;
once: (channel: string, callback: (...args: unknown[]) => void) => void;
}
declare global {
interface Window {
electronAPI: ElectronAPI;
}
}
| Security Measure | Status | Details |
|---|---|---|
| Context Isolation | Required | Always set contextIsolation: true |
| Node Integration | Required | Always set nodeIntegration: false |
| Sandbox | Recommended | Set sandbox: true for renderer |
| Web Security | Required | Never disable webSecurity |
| CSP Headers | Recommended | Strict Content Security Policy |
| Remote Module | Required | Ensure enableRemoteModule: false |
| IPC Validation | Required | Whitelist and validate all IPC channels |
| Protocol Handlers | Recommended | Register custom protocols securely |
| Permission Handler | Recommended | Control permission requests |
| Navigation Guard | Recommended | Restrict navigation to trusted origins |
ipcRenderer directly - Always use channel whitelistingelectron-builder-config - Build configurationelectron-ipc-security-audit - Audit IPC implementationselectron-auto-updater-setup - Auto-update configurationelectron-architect - Electron architecture expertisedesktop-security-auditor - Security auditingActivates when the user asks about AI prompts, needs prompt templates, wants to search for prompts, or mentions prompts.chat. Use for discovering, retrieving, and improving prompts.
Search, retrieve, and install Agent Skills from the prompts.chat registry using MCP tools. Use when the user asks to find skills, browse skill catalogs, install a skill for Claude, or extend Claude's capabilities with reusable AI agent components.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.