This skill should be used when the user asks to "send a secret file", "share a file securely", "share credentials file", "send API keys file", "share .env securely", "encrypt and share file", "send config to teammate", "share SSH key", "send private key file", "share certificate file", "share secrets.json", "share keyfile", "securely share file", "send secret to coworker", "share tokens file", "npx send-secret", "encrypted file sharing", "one-time link for file", "self-destructing file share", or needs to share any sensitive file via P2P encrypted link. The file is encrypted locally with AES-256-GCM and served via a one-time Cloudflare tunnel.
From send-secretnpx claudepluginhub b-open-io/claude-plugins --plugin send-secretThis skill is limited to using the following tools:
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Share files securely using P2P encrypted links. Files are encrypted locally with AES-256-GCM and served via a temporary Cloudflare tunnel. The decryption key is embedded in the URL fragment (never sent to servers).
Critical constraint: The agent must NEVER read or display file contents.
| Action | Safe | Reason |
|---|---|---|
send-secret ./file.json | Yes | File path only, content encrypted by CLI |
cat file | send-secret | NO | Piping exposes content to agent's context |
Read tool on file | NO | Would load secret into agent's context |
echo "$VAR" | send-secret | NO | Variable value exposed to agent |
# Basic file send (single recipient, no timeout)
npx send-secret <filepath>
# Multiple recipients
npx send-secret -n <count> <filepath>
# Auto-destruct timeout (seconds)
npx send-secret -t <seconds> <filepath>
# Combined: 3 views OR 5 minutes, whichever first
npx send-secret -n 3 -t 300 <filepath>
test -f or ls, never cat or Read)The CLI outputs a boxed URL like:
╭ Share this link ─────────────────────────╮
│ https://xyz.trycloudflare.com/s/abc#key=... │
╰──────────────────────────────────────────╯
Extract the full URL including the #key=... fragment. The fragment contains the decryption key and is essential.
The send-secret process runs interactively:
Waiting for receiver... (0/3)Retrieved (1/3) from 73.162.45.99Important: The process must stay running until delivery completes. Run in foreground, not background.
npx send-secret ./credentials.json
npx send-secret -n 5 ./team-secrets.env
npx send-secret -t 300 ./temp-access.json # 5 minute window
npx send-secret -n 2 -t 120 ./api-keys.txt # 2 views max, 2 min timeout
| Error | Resolution |
|---|---|
| "File too large (max 100MB)" | File exceeds size limit |
| "No data to send" | Empty file or path doesn't exist |
| "Tunnel failed" | Network issue, retry or check connection |
| Process killed before retrieval | Recipient needs new link |
# NEVER pipe file contents
cat secret.json | npx send-secret # WRONG: agent sees content
# NEVER read file first
Read secret.json, then send # WRONG: agent sees content
# NEVER echo secrets
echo "sk_live_xxx" | npx send-secret # WRONG: agent sees secret
# NEVER commit secret files or send-secret URLs to git
git add . # WRONG: may include secret files
User: "I need to share my .env file with the new developer"
Agent:
test -f ./.env && echo "File exists"User: "Just one person, no timeout needed"
Agent:
npx send-secret ./.env
Response: "Here's your secure link: [URL]. Share this with the developer. Keep this terminal open until they retrieve it - the link is single-use and self-destructs after viewing."