diff --git a/src-tauri/Cargo.toml b/src-tauri/Cargo.toml
index 7c7f024..a2abb2e 100644
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@@ -28,6 +28,9 @@ tokio-tungstenite = "0.23"
 futures-util = "0.3"
 sha2 = "0.10"
 
+[target.'cfg(target_os = "linux")'.dependencies]
+webkit2gtk = "2.0"
+
 [profile.release]
 panic = "abort"
 codegen-units = 1
diff --git a/src-tauri/src/lib.rs b/src-tauri/src/lib.rs
index 2248375..c53091f 100644
--- a/src-tauri/src/lib.rs
+++ b/src-tauri/src/lib.rs
@@ -8,6 +8,9 @@ use tauri::{
     tray::{MouseButton, MouseButtonState, TrayIconBuilder, TrayIconEvent},
 };
 
+#[cfg(target_os = "linux")]
+use webkit2gtk::WebViewExt;
+
 mod audit;
 mod claude;
 mod commands;
@@ -250,6 +253,24 @@ pub fn run() {
             // Lock-Datei erstellen (Instanz-Schutz + Update-Safety)
             update::create_lock_file();
 
+            // WebKitGTK: Mikrofon-/Kamera-Permissions automatisch erlauben
+            #[cfg(target_os = "linux")]
+            {
+                if let Some(window) = app.get_webview_window("main") {
+                    window.with_webview(|webview| {
+                        use webkit2gtk::PermissionRequestExt;
+
+                        let wv: webkit2gtk::WebView = webview.inner().clone();
+                        wv.connect_permission_request(|_wv, request: &webkit2gtk::PermissionRequest| {
+                            println!("🎤 WebKit Permission-Request → erlaubt");
+                            request.allow();
+                            true // Signal handled
+                        });
+                        println!("🎤 WebKit Permission-Handler registriert");
+                    }).ok();
+                }
+            }
+
             // Phase 3: Bridge sofort beim App-Start starten (kein Cold-Start bei erster Nachricht)
             let bridge_handle = app.handle().clone();
             tauri::async_runtime::spawn(async move {