xdrop

作者: xixu-me

Use this skill when the user wants to send or fetch files through an Xdrop server from the terminal, asks to automate encrypted Xdrop share-link workflows, provides an Xdrop `/t/:transferId#k=...` link to download and decrypt locally, or needs Xdrop CLI flags such as `--quiet`, `--json`, `--expires-in`, `--output`, or `--api-url`, even if they do not explicitly mention the skill name.

npx skills add https://github.com/xixu-me/skills --skill xdrop
下載 ZIPGitHub

Use the bundled scripts inside this skill directory.

Available scripts

  • scripts/upload.mjs — Upload local files or directories to an Xdrop server and print the share link
  • scripts/download.mjs — Download an Xdrop share link, decrypt it locally, and save the files

Environment requirements:

  • Bun
  • Local filesystem access
  • Network access to the target Xdrop server

Upload

bun scripts/upload.mjs --server <xdrop-site-url> <file-or-directory> [...]

Prefer these flags when relevant:

  • --quiet: suppress progress output and keep stdout clean
  • --json: return transferId, shareUrl, and expiresAt
  • --expires-in <seconds>: choose a supported expiry
  • --api-url <url>: override the default <server>/api/v1
  • --name <value>: set the transfer display name
  • --concurrency <n>: limit parallel uploads per file

Useful examples:

bun scripts/upload.mjs --server http://localhost:8080 ./dist/report.pdf
bun scripts/upload.mjs --server http://localhost:8080 --quiet ./archive.zip
bun scripts/upload.mjs --server http://localhost:8080 --expires-in 600 --json ./notes.txt

If the user wants verification, upload a small temporary file and then confirm the public transfer API or browser can open the returned link.

Download

Require the full share link, including #k=.... Without the fragment key, the transfer cannot be decrypted.

bun scripts/download.mjs "<share-url>"

Prefer these flags when relevant:

  • --output <dir>: choose the destination directory
  • --quiet: suppress progress output and keep stdout clean
  • --json: return transferId, outputRoot, and saved file paths
  • --api-url <url>: override the default <share-origin>/api/v1

Useful examples:

bun scripts/download.mjs "http://localhost:8080/t/abc123#k=..."
bun scripts/download.mjs --output ./downloads "http://localhost:8080/t/abc123#k=..."
bun scripts/download.mjs --quiet --json --output ./downloads "http://localhost:8080/t/abc123#k=..."

By default the downloader writes to ./xdrop-<transferId> and preserves the manifest's relative paths.

Gotchas

  • A download link without the #k=... fragment is not decryptable. Ask for the full original share URL.
  • Use --quiet whenever another command or caller needs to capture stdout. Progress logs otherwise go to stderr, but the final result still matters.

Guardrails

  • Prefer --quiet when another command or script needs to capture stdout.
  • Keep the full share link fragment intact for downloads.
  • Do not bypass the scripts' built-in path sanitization or transfer cleanup behavior with manual ad hoc commands unless the user explicitly asks.

來自 xixu-me 的更多技能

github-actions-docs
xixu-me
Use when users ask how to write, explain, customize, migrate, secure, or troubleshoot GitHub Actions workflows, workflow syntax, triggers, matrices, runners, reusable workflows, artifacts, caching, secrets, OIDC, deployments, custom actions, or Actions Runner Controller, especially when they need official GitHub documentation, exact links, or docs-grounded YAML guidance.
developmentdevopsdocument
use-my-browser
xixu-me
Use when work depends on the user's live browser session or visible rendered state rather than static fetches, especially for browser debugging contexts or DevTools-selected elements or requests, logged-in dashboards or CMS flows, localhost apps, forms, uploads, downloads, media inspection, DOM or iframe inspection, Shadow DOM, or browser failures that look like soft 404s, auth walls, anti-bot checks, or rate limits.
browser-automationweb-scrapingtesting
readme-i18n
xixu-me
Use when the user wants to translate a repository README, make a repo multilingual, localize docs, add a language switcher, internationalize the README, or update localized README variants in a GitHub-style repository.
documentdevelopmentapi
openclaw-secure-linux-cloud
xixu-me
Use when self-hosting OpenClaw on a cloud server, hardening a remote OpenClaw gateway, choosing between SSH tunneling, Tailscale, or reverse-proxy exposure, or reviewing Podman, pairing, sandboxing, token auth, and tool-permission defaults for a secure personal deployment.
devopssecurity
develop-userscripts
xixu-me
Use when building, debugging, packaging, or publishing browser userscripts for Tampermonkey or ScriptCat, including GM APIs, metadata blocks, permission issues, @match/@grant/@connect setup, ScriptCat background or scheduled scripts, UserConfig blocks, or subscription workflows.
developmentbrowser-automationweb-scraping
secure-linux-web-hosting
xixu-me
Use when setting up, hardening, or reviewing a cloud server for self-hosting, including DNS, SSH, firewalls, Nginx, static-site hosting, reverse-proxying an app, HTTPS with Let's Encrypt or ACME clients, safe HTTP-to-HTTPS redirects, or optional post-launch network tuning such as BBR.
devopssecurityaws
opensource-guide-coach
xixu-me
Use when a user wants guidance on starting, contributing to, growing, governing, funding, securing, or sustaining an open source project, or asks about contributor onboarding, community health, maintainer burnout, code of conduct, metrics, legal basics, or open source project adoption.
developmentresearch
running-claude-code-via-litellm-copilot
xixu-me
Use when routing Claude Code through a local LiteLLM proxy to GitHub Copilot, reducing direct Anthropic spend, configuring ANTHROPIC_BASE_URL or ANTHROPIC_MODEL overrides, or troubleshooting Copilot proxy setup failures such as model-not-found, no localhost traffic, or GitHub 401/403 auth errors.
developmentapidevops