← Back to Skills Marketplace

SnapPwd Secure Secret Sharing

Name: SnapPwd Secure Secret Sharing
Author: fantaclaw-ai

by fantaclaw-ai · GitHub ↗ · v1.0.1 · MIT-0

cross-platform ⚠ suspicious

259

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install snappwd-share

Description

Securely share secrets, API keys, files, and credentials with OpenClaw agents and team members via self-destructing links. Use when the user needs to share s...

Usage Guidance

This skill appears to do what it says (create one-time encrypted links) and does not request unrelated credentials. Before using it: 1) Be cautious about what you share — avoid sharing long-term private keys or production secrets when possible; prefer generating temporary credentials or sharing only the minimal secret required. 2) If you must share private keys, rotate/revoke them immediately after use. 3) Verify the CLI package/source (github repo) before running npm install -g; installing global npm packages can be risky if the package is untrusted. 4) Confirm you are on the correct domain (https://snappwd.io) to avoid phishing, or consider self-hosting and pointing SNAPPWD_API_URL to your instance for sensitive uses. 5) Remember the URL fragment (the key after #) only lives in the client — do not paste the full URL into insecure logs; share the link only with verified recipients. If you want greater assurance about the implementation, ask the publisher for the CLI/service source repo and audit the npm package and server code before use.

Capability Analysis

Type: OpenClaw Skill Name: snappwd-share Version: 1.0.1 The skill facilitates the sharing of highly sensitive information by providing instructions and scripts to upload files like private SSH keys (~/.ssh/id_rsa) and environment configurations (.env) to an external service (snappwd.io). While the documentation (security-model.md) describes a zero-knowledge encryption architecture, the explicit targeting of high-value system credentials in SKILL.md and cli-usage.md creates a high-risk path for data exfiltration. The bundle encourages the AI agent to handle and transmit secrets that should typically remain local, which could be exploited via prompt injection.

Capability Assessment

✓ Purpose & Capability

Name/description (secure, ephemeral secret sharing) match the provided materials: SKILL.md, CLI usage, security model, and the shell helper all point to using snappwd.io or @snappwd/cli. There are no unrelated environment variables, binaries, or install actions requested that would be incoherent with the stated purpose.

ℹ Instruction Scope

Instructions stay within the domain of creating and sharing ephemeral encrypted links. The docs and examples explicitly show sharing highly sensitive items (e.g., .env, SSH private keys) and instruct users to run CLI commands (snappwd put-file) that will read local files — that is expected for this tool but is high-risk behavior for users. The skill itself does not instruct the agent to read arbitrary system files or access other skills' configs.

✓ Install Mechanism

This is an instruction-only skill with an included helper script; there is no install spec that downloads arbitrary code. The documented install method for the CLI is npm install -g @snappwd/cli (a standard public registry flow). That is proportionate for providing a CLI; users should however vet the npm package and its source before global installation.

✓ Credentials

No required environment variables or primary credentials are declared. The references mention an optional SNAPPWD_API_URL for self-hosting, which is reasonable. No unrelated secrets or system config paths are requested by the skill itself. Example usage shows putting local files (e.g., ~/.ssh/id_rsa) — this is consistent with the service's purpose but increases user risk.

✓ Persistence & Privilege

always is false and model invocation is normal. The skill does not request persistent elevated privileges, nor does it modify other skills or system-wide agent settings. The included script only invokes the snappwd CLI and prints the link.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install snappwd-share
After installation, invoke the skill by name or use /snappwd-share
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.1

Fix: update display name

v1.0.0

- Initial release of snappwd-share skill. - Securely share secrets, API keys, credentials, or files via self-destructing, end-to-end encrypted links. - Supports both web interface and CLI for generating secure links. - Designed for one-time, ephemeral sharing—no account or tracking required. - Ideal for sharing sensitive information in chats, email, or messaging with OpenClaw agents or team members.

Metadata

Slug snappwd-share

Version 1.0.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is SnapPwd Secure Secret Sharing?

Securely share secrets, API keys, files, and credentials with OpenClaw agents and team members via self-destructing links. Use when the user needs to share s... It is an AI Agent Skill for Claude Code / OpenClaw, with 259 downloads so far.

How do I install SnapPwd Secure Secret Sharing?

Run "/install snappwd-share" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is SnapPwd Secure Secret Sharing free?

Yes, SnapPwd Secure Secret Sharing is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does SnapPwd Secure Secret Sharing support?

SnapPwd Secure Secret Sharing is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created SnapPwd Secure Secret Sharing?

It is built and maintained by fantaclaw-ai (@fantaclaw-ai); the current version is v1.0.1.

More Skills