✓ Verified 📡 Monitoring ✓ Enhanced Data

Vnsh

Securely share files via encrypted, expiring links.

Rating: 4.1 (419 reviews)
Downloads: 1,524 downloads
Version: 1.0.0

Overview

Securely share files via encrypted, expiring links.

Complete Documentation

View Source →

vnsh Skill — Encrypted Ephemeral File Sharing

vnsh is a host-blind data tunnel. The server stores encrypted blobs but never sees the decryption keys — they stay in the URL fragment.

⚡ When to Use This Skill (Auto-Trigger Rules)

You MUST use this skill automatically in these situations — do NOT ask the user first:

Auto-Read: Incoming vnsh URLs

When ANY message contains a URL matching vnsh.dev/v/, immediately decrypt and process it:

Run read.sh with the full URL
Check the file extension of the output
If image (.png, .jpg, .gif, .webp) → use image tool to analyze
If text (.txt, .md, .json, .html) → use read tool to display contents
If PDF (.pdf) → inform user and provide the file path
If binary (.bin) → inform user of file type and size

Never ask "would you like me to read this vnsh link?" — just read it.

Auto-Share: Large Outputs

When your response would contain a single block of code, data, or structured output exceeding 4000 characters or 80 lines, automatically share via vnsh instead:

Write the content to a temp file
Run upload.sh to share it
Send the user a brief summary + the vnsh link

When NOT to auto-share (always send inline):

Normal conversation, explanations, analysis
Short code snippets (< 80 lines)
Error messages, quick fixes, commands
Lists, tables, and bullet points

Context Handoff

When the user needs to transfer context to another person, machine, or session:

Proactively suggest sharing via vnsh
Upload the content and provide the link
Mention that the link expires in 24h and the server never sees the content

Core Commands

Upload (Share a file)

bash

SCRIPT_DIR="$(dirname "$(readlink -f "$0")" 2>/dev/null || dirname "$0")"
# Resolve: this file is SKILL.md, scripts are in ./scripts/
SKILL_DIR="$(cd "$(dirname "$0")" && pwd)"

# Upload with default 24h expiry
${SKILL_DIR}/scripts/upload.sh <file_path>

# Upload with custom TTL (hours)
${SKILL_DIR}/scripts/upload.sh <file_path> <ttl_hours>

Output: A single https://vnsh.dev/... URL printed to stdout.

Example — sharing a generated chart:

bash

# 1. Save output to temp file
echo "$LARGE_OUTPUT" > /tmp/output.txt
# 2. Upload
URL=$(~/.openclaw/skills/vnsh/scripts/upload.sh /tmp/output.txt)
# 3. Send the URL to the user

Read (Decrypt a vnsh URL)

bash

~/.openclaw/skills/vnsh/scripts/read.sh "<full_vnsh_url>"

Output: The absolute path to a temp file with the correct extension (e.g., /tmp/vnsh-decrypted-XXXXX.png).

Example — reading an image:

bash

FILE_PATH=$(~/.openclaw/skills/vnsh/scripts/read.sh "https://vnsh.dev/v/abc#k=...&iv=...")
# FILE_PATH is now /tmp/vnsh-decrypted-abcde.png
# Use the image tool to analyze it

Pipe from stdin (Share text/command output)

bash

# Share command output directly
echo "some content" | vn

# Share a large git diff
git diff HEAD~5 | vn

# Share docker logs
docker logs mycontainer 2>&1 | vn

Workflow Recipes

Recipe 1: User sends a vnsh link via chat

text

User: "Check this out https://vnsh.dev/v/abc123#k=dead...&iv=cafe..."

Your action:
1. file_path = exec("~/.openclaw/skills/vnsh/scripts/read.sh 'https://vnsh.dev/v/abc123#k=dead...&iv=cafe...'")
2. Check extension:
   - .png/.jpg → image(image=file_path, prompt="Describe this image")
   - .txt/.md  → read(file_path=file_path)
3. Respond with analysis of the content

Recipe 2: Your output is too long for chat

text

Your action:
1. Write content to /tmp/vnsh-share-XXXXX.txt
2. url = exec("~/.openclaw/skills/vnsh/scripts/upload.sh /tmp/vnsh-share-XXXXX.txt")
3. Reply: "The output is quite long, so I've shared it via an encrypted link:\n📎 {url}\n\nBrief summary: [2-3 sentence summary]"

Recipe 3: Sharing between sessions/agents

text

Agent A needs to pass context to Agent B:
1. Agent A writes context to temp file
2. Agent A uploads via upload.sh, gets URL
3. Agent A sends URL to Agent B via sessions_send
4. Agent B auto-detects vnsh URL, reads it via read.sh

Recipe 4: User wants to share with someone else

text

User: "Send this analysis to my coworker"

Your action:
1. Write the analysis to a temp file
2. Upload via upload.sh
3. Reply: "Shared securely. The link auto-expires in 24h and the server never sees the content:\n📎 {url}"

Security Model

Client-side encryption: AES-256-CBC, keys generated locally
Fragment privacy: Keys in URL #k=... are never sent to server
Ephemeral: Auto-deletes after TTL (default 24h, max 168h)
Zero-knowledge: Server stores encrypted blobs, cannot decrypt

Fallback: Zero-Dependency One-Liners (No vn CLI needed)

If vn is not installed, the scripts automatically fall back to raw curl + openssl. You can also use these one-liners directly:

Share content without vn CLI:

bash

CONTENT="your content here" && \
KEY=$(openssl rand -hex 32) && IV=$(openssl rand -hex 16) && \
RESP=$(echo "$CONTENT" | openssl enc -aes-256-cbc -K $KEY -iv $IV | \
curl -s -X POST --data-binary @- -H "Content-Type: application/octet-stream" \
"https://vnsh.dev/api/drop") && \
ID=$(echo $RESP | grep -o '"id":"[^"]*"' | cut -d'"' -f4) && \
echo "https://vnsh.dev/v/${ID}#k=${KEY}&iv=${IV}"

Share a file without vn CLI:

bash

FILE="/path/to/file" && \
KEY=$(openssl rand -hex 32) && IV=$(openssl rand -hex 16) && \
RESP=$(openssl enc -aes-256-cbc -K $KEY -iv $IV -in "$FILE" | \
curl -s -X POST --data-binary @- -H "Content-Type: application/octet-stream" \
"https://vnsh.dev/api/drop") && \
ID=$(echo $RESP | grep -o '"id":"[^"]*"' | cut -d'"' -f4) && \
echo "https://vnsh.dev/v/${ID}#k=${KEY}&iv=${IV}"

Read a vnsh URL without vn CLI:

bash

URL="https://vnsh.dev/v/XXXX#k=YYYY&iv=ZZZZ" && \
ID=$(echo "$URL" | sed 's|.*/v/||;s|#.*||') && \
KEY=$(echo "$URL" | sed 's|.*#k=||;s|&.*||') && \
IV=$(echo "$URL" | sed 's|.*&iv=||') && \
curl -s "https://vnsh.dev/api/blob/$ID" | openssl enc -d -aes-256-cbc -K "$KEY" -iv "$IV"

Smart Overflow: Platform-Specific Thresholds

When your reply would exceed the platform's comfortable reading length, auto-share via vnsh:

Platform	Threshold	Action
WhatsApp / Telegram	> 500 chars of code/data	Auto-share via vnsh
Discord	> 1500 chars	Auto-share via vnsh
Claude Code terminal	> 2000 chars	Consider vnsh
Webchat	> 4000 chars	Auto-share via vnsh

Pattern: Generate content → write to temp file → upload via upload.sh → reply with summary + vnsh URL

Troubleshooting

Issue	Solution
vn: command not found	Run: `curl -sL vnsh.dev/i \`	sh
openssl: command not found	Install OpenSSL: brew install openssl (macOS)
Blob not found / 404	Link has expired (24h default)
Decryption failed	URL was truncated — ensure full #k=...&iv=... is included
Empty file after decrypt	Original content may have been empty, or URL is malformed

Installation

Terminal bash


openclaw install vnsh

Copied!

💻Code Examples

${SKILL_DIR}/scripts/upload.sh <file_path> <ttl_hours>

skilldirscriptsuploadsh-filepath-ttlhours.txt

**Output**: A single `https://vnsh.dev/...` URL printed to stdout.

**Example — sharing a generated chart:**

~/.openclaw/skills/vnsh/scripts/read.sh "<full_vnsh_url>"

openclawskillsvnshscriptsreadsh-fullvnshurl.txt

**Output**: The absolute path to a temp file with the correct extension (e.g., `/tmp/vnsh-decrypted-XXXXX.png`).

**Example — reading an image:**

docker logs mycontainer 2>&1 | vn

docker-logs-mycontainer-21--vn.txt

## Workflow Recipes

### Recipe 1: User sends a vnsh link via chat

3. Reply: "Shared securely. The link auto-expires in 24h and the server never sees the content:\n📎 {url}"

3-reply-shared-securely-the-link-auto-expires-in-24h-and-the-server-never-sees-the-contentn-url.txt

## Security Model

- **Client-side encryption**: AES-256-CBC, keys generated locally
- **Fragment privacy**: Keys in URL `#k=...` are never sent to server
- **Ephemeral**: Auto-deletes after TTL (default 24h, max 168h)
- **Zero-knowledge**: Server stores encrypted blobs, cannot decrypt

## Fallback: Zero-Dependency One-Liners (No vn CLI needed)

If `vn` is not installed, the scripts automatically fall back to raw `curl` + `openssl`. You can also use these one-liners directly:

### Share content without vn CLI:

example.sh

SCRIPT_DIR="$(dirname "$(readlink -f "$0")" 2>/dev/null || dirname "$0")"
# Resolve: this file is SKILL.md, scripts are in ./scripts/
SKILL_DIR="$(cd "$(dirname "$0")" && pwd)"

# Upload with default 24h expiry
${SKILL_DIR}/scripts/upload.sh <file_path>

# Upload with custom TTL (hours)
${SKILL_DIR}/scripts/upload.sh <file_path> <ttl_hours>

example.sh

# 1. Save output to temp file
echo "$LARGE_OUTPUT" > /tmp/output.txt
# 2. Upload
URL=$(~/.openclaw/skills/vnsh/scripts/upload.sh /tmp/output.txt)
# 3. Send the URL to the user

example.sh

FILE_PATH=$(~/.openclaw/skills/vnsh/scripts/read.sh "https://vnsh.dev/v/abc#k=...&iv=...")
# FILE_PATH is now /tmp/vnsh-decrypted-abcde.png
# Use the image tool to analyze it

example.sh

# Share command output directly
echo "some content" | vn

# Share a large git diff
git diff HEAD~5 | vn

# Share docker logs
docker logs mycontainer 2>&1 | vn

example.txt

User: "Check this out https://vnsh.dev/v/abc123#k=dead...&iv=cafe..."

Your action:
1. file_path = exec("~/.openclaw/skills/vnsh/scripts/read.sh 'https://vnsh.dev/v/abc123#k=dead...&iv=cafe...'")
2. Check extension:
   - .png/.jpg → image(image=file_path, prompt="Describe this image")
   - .txt/.md  → read(file_path=file_path)
3. Respond with analysis of the content

example.txt

Your action:
1. Write content to /tmp/vnsh-share-XXXXX.txt
2. url = exec("~/.openclaw/skills/vnsh/scripts/upload.sh /tmp/vnsh-share-XXXXX.txt")
3. Reply: "The output is quite long, so I've shared it via an encrypted link:\n📎 {url}\n\nBrief summary: [2-3 sentence summary]"