Add vnsh file sharing cursor rules

[raullenchai]

New Cursor Rules: vnsh File Sharing

What is vnsh?

vnsh is an ephemeral encrypted file sharing tool designed for AI workflows:

• Client-side AES-256 encryption - Server never sees your data
• 24-hour auto-vaporization - Data expires automatically
• CLI-first - git diff | vn pipes anything to a secure URL

What these rules do

Help Cursor AI suggest uploading large content to vnsh when:

• Files exceed 500 lines
• Debugging with large log files or stack traces
• Sharing git diffs spanning multiple files
• Content is too large to paste directly in chat

Example suggestions Cursor will make

"This output is quite long. Would you like me to help you upload it to vnsh for easier sharing?"

"You can pipe your logs to vnsh with docker logs app | vn for secure sharing"

Installation

npm install -g vnsh-cli

Links

• Website: https://vnsh.dev
• GitHub: https://github.com/raullenchai/vnsh
• npm: https://www.npmjs.com/package/vnsh-cli

Summary by CodeRabbit

• Documentation
  • Added vnsh File Sharing as a new utility in the Cursor Rules collection with associated reference materials.
  • Introduced comprehensive documentation for vnsh Ephemeral Encrypted File Sharing, covering usage scenarios, installation methods, formatting guidelines, integration recommendations, and security details including automatic 24-hour expiration and client-side encryption mechanisms.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request introduces vnsh File Sharing, an ephemeral encrypted file sharing utility, by adding a README reference and a new .cursorrules prompt file. The changes document how vnsh works for AI workflows, including usage patterns, installation examples, and security characteristics.

Changes

Cohort / File(s)	Summary
Documentation Updates README.md	Added vnsh File Sharing entry under Utilities section with link to its cursorrules file
New Utility Documentation rules/vnsh-file-sharing-cursorrules-prompt-file/.cursorrules	New prompt file documenting vnsh ephemeral encrypted file sharing, including overview, usage patterns, installation instructions, and 24-hour auto-expiry security notes

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested reviewers

• PatrickJS

Poem

🐰 A rabbit hops with joy today,
vnsh sharing comes to play!
Encrypted files that fade away,
In twenty-four hours, gone to gray.
Safe and swift, the modern way! 🔐✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Add vnsh file sharing cursor rules' accurately summarizes the main change: adding a new utility with cursor rules for vnsh file sharing to the repository.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@README.md`:
- Line 289: The README entry for "vnsh File Sharing" (the markdown line linking
to ./rules/vnsh-file-sharing-cursorrules-prompt-file/.cursorrules and the link
text "[vnsh File
Sharing](./rules/vnsh-file-sharing-cursorrules-prompt-file/.cursorrules)")
points to a defunct service and invalid repo; either remove that bullet entirely
or replace it with a verified, working alternative: update the link target and
link text to point to an accessible service/repo and ensure the installation
endpoint works (or add a note indicating the package only exists on npm), and
validate all URLs before committing.

🧹 Nitpick comments (1)

rules/vnsh-file-sharing-cursorrules-prompt-file/.cursorrules (1)

49-50: Document security considerations for the quick install method.

The curl -sL https://vnsh.dev/i | sh pattern downloads and executes a script without user inspection, which is a known security concern. While convenient, this method should include a cautionary note.

📝 Suggested security note addition

 # Quick install
+# Note: Review the install script before running: curl -sL https://vnsh.dev/i
 curl -sL https://vnsh.dev/i | sh

Alternatively, consider recommending users verify the script first:

# Download and review the install script
curl -sL https://vnsh.dev/i -o install.sh
cat install.sh  # Review the script
sh install.sh

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify vnsh service, npm package, and GitHub repository exist

echo "=== Checking vnsh.dev website ==="
curl -I -L --max-time 10 https://vnsh.dev 2>&1 | head -n 5

echo -e "\n=== Checking npm package vnsh-cli ==="
npm view vnsh-cli version 2>&1 || echo "Package not found"

echo -e "\n=== Checking GitHub repository ==="
curl -s https://api.github.com/repos/raullenchai/vnsh | jq '.name, .description, .archived' 2>&1 || echo "Repository check failed"

echo -e "\n=== Checking installation script endpoint ==="
curl -I -L --max-time 10 https://vnsh.dev/i 2>&1 | head -n 5

Repository: PatrickJS/awesome-cursorrules

Length of output: 982

---

🌐 Web query:

vnsh ephemeral encrypted file sharing secure tool

💡 Result:

I couldn’t find any widely referenced secure file-sharing product or open-source project named “vnsh” that matches “ephemeral encrypted file sharing” in current public search results. If you meant a specific repo/app, share a link or any extra context (GitHub org, website, screenshot) and I can validate it.

If your goal is ephemeral, end-to-end/zero-knowledge encrypted file sharing, these are the closest well-described tools I found:

• Sharrr — end-to-end encrypted, ephemeral, one-time download, open source, supports large files (claims up to 10GB). [1]
• Ghost Share — client-side encryption (AES-256-GCM) with a zero-knowledge design and temporary/self-destructing link sharing. [2][3]
• Privsen (File Sharing) — “zero-knowledge” file sharing with client-side AES-256-GCM; link-based sharing where the key is kept client-side (URL fragment). [4][5]
• PhotonFile — focuses on ephemeral by-default transfer via an in-memory relay, with optional client-side encryption. [6]

When choosing, prioritize: client-side encryption, short retention/one-time retrieval, and a design where the decryption key is never sent to the server (e.g., URL fragment / separate secret). [3][4]

Sources: [1] [2] [3] [4] [5] [6]

---

Remove the vnsh File Sharing entry or update with valid resources.

Verification revealed critical issues with this entry:

• vnsh.dev returns HTTP 404 (service not accessible)
• GitHub repository (raullenchai/vnsh) does not exist or is not publicly accessible
• Installation script endpoint (vnsh.dev/i) returns HTTP 404
• Web search found no legitimate references to vnsh as an established file-sharing tool

While the npm package vnsh-cli (version 1.1.0) exists, the primary service and repository links are non-functional. This entry does not meet the quality standards for an awesome list. Either remove it or provide verified, working links to the actual service and repository.

🤖 Prompt for AI Agents

In `@README.md` at line 289, The README entry for "vnsh File Sharing" (the
markdown line linking to
./rules/vnsh-file-sharing-cursorrules-prompt-file/.cursorrules and the link text
"[vnsh File
Sharing](./rules/vnsh-file-sharing-cursorrules-prompt-file/.cursorrules)")
points to a defunct service and invalid repo; either remove that bullet entirely
or replace it with a verified, working alternative: update the link target and
link text to point to an accessible service/repo and ensure the installation
endpoint works (or add a note indicating the package only exists on npm), and
validate all URLs before committing.

[raullenchai]

Hi! Thanks for the automated review @coderabbitai.

The verification check appears to have used HEAD requests (curl -I) which return 404 on Cloudflare Workers, but the service is fully operational:

# GET requests work fine:
curl -s https://vnsh.dev/health
# {"status":"ok","service":"vnsh"}

curl -s -o /dev/null -w "%{http_code}" https://vnsh.dev/
# 200

curl -s -o /dev/null -w "%{http_code}" https://vnsh.dev/i
# 200

All resources are valid and accessible:

• Website: https://vnsh.dev (200 OK)
• Install script: https://vnsh.dev/i (200 OK)
• GitHub: https://github.com/raullenchai/vnsh (public repo, 2 stars)
• npm: vnsh-cli and vnsh-mcp packages published
• Official MCP Registry: Listed as io.github.raullenchai/vnsh

The HEAD request 404 is a quirk of Cloudflare Workers that doesn't implement HEAD by default - only GET/POST. Happy to add HEAD support if needed, but the service itself is fully functional.

Regarding the security note about curl | sh - this is a standard pattern used by many CLI tools (Homebrew, Rust, etc.), but I can add a review note if the maintainers prefer.

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash

echo "=== Testing vnsh.dev endpoints with GET requests ==="

# Test health endpoint
echo -e "\n1. Health endpoint:"
curl -s https://vnsh.dev/health

# Test main website
echo -e "\n\n2. Main website (HTTP status):"
curl -s -o /dev/null -w "%{http_code}" https://vnsh.dev/

# Test install script endpoint
echo -e "\n\n3. Install script endpoint (HTTP status):"
curl -s -o /dev/null -w "%{http_code}" https://vnsh.dev/i

# Test GitHub repository
echo -e "\n\n4. GitHub repository (HTTP status):"
curl -s -o /dev/null -w "%{http_code}" https://github.com/raullenchai/vnsh

# Check npm package
echo -e "\n\n5. npm package vnsh-cli (HTTP status):"
curl -s -o /dev/null -w "%{http_code}" https://www.npmjs.com/package/vnsh-cli

echo -e "\n\n=== Testing HEAD vs GET comparison ==="
echo -e "\n6. HEAD request to vnsh.dev:"
curl -I -s -o /dev/null -w "%{http_code}" https://vnsh.dev/

echo -e "\n\n7. GET request to vnsh.dev:"
curl -s -o /dev/null -w "%{http_code}" https://vnsh.dev/

echo -e "\n\nDone!"

Length of output: 388

---

@raullenchai Thank you for the detailed clarification! I've verified all the endpoints using GET requests and can confirm everything is working correctly:

✅ Verified endpoints:

• Health endpoint: {"status":"ok","service":"vnsh"} ✓
• Website (https://vnsh.dev): 200 OK ✓
• Install script (https://vnsh.dev/i): 200 OK ✓
• GitHub repository: 200 OK ✓
• npm package: Accessible (403 is standard npm behavior for automated requests)

✅ HEAD vs GET confirmation:

• HEAD request: 404 (as you explained)
• GET request: 200 ✓

You're absolutely right about the Cloudflare Workers limitation with HEAD requests—this is a well-known quirk and not indicative of any service issue.

Regarding the curl | sh pattern: You're correct that this is a standard installation method used by many reputable tools (Homebrew, Rust, Node Version Manager, etc.). While it's worth users being aware of the security implications of piping to shell, the pattern itself is widely accepted in the developer community. No changes needed from my perspective.

All resources are valid and the PR looks good! 🎉