Share what your AI builds — on your own domain.
Open-source, self-hosted artifact sharing. Drop a file, an HTML page, or a whole site and get a branded, password-protected (zero-knowledge AES-256) link on your own domain in ~1 second — from your terminal or any AI agent. The open-source alternative to Stacktree.
Live demo → · Docs · Try in browser · vs Stacktree
The core way to use Hushdrop is from your agent — it publishes what it builds to your own domain.
Claude Code (recommended — auto-updates via the plugin marketplace):
/plugin marketplace add maxtechera/hushdrop
/plugin install hushdropCursor · Codex · Copilot · Gemini · 20+ Agent Skills hosts:
npx skills add maxtechera/hushdrop-skillNo install — open hushdrop.dev/try, drop an HTML file, get a link. No account.
One-off from the terminal — zero install, zero setup, no account:
npx hushdrop report.html # → https://hushdrop.dev/u/xxxx (+ password, copied) — no setup, no accountFree hosted account — persistent links on your own handle (hushdrop.dev/you/<slug>):
npx hushdrop login # passwordless: GitHub or magic link
npx hushdrop report.html # → https://hushdrop.dev/you/report-a1b2 (persistent)Your own domain — self-host on your Vercel Blob (free, MIT, your URL + brand forever):
# one-click: the "Deploy with Vercel" button above auto-provisions a Blob store — then:
npx hushdrop-install # wire your agents + CLI
hush deploy --domain share.yoursite.com # or do it from a local cloneNo dashboard required. Two commands to try; one more to own.
Anthropic shipped artifact sharing so teams could hand each other the things they make with AI. It's great — and it's locked to their surface, their domain, their account. Stacktree does the agent-native version, but it's a closed SaaS: your content sits on their servers, custom domains and limits are paywalled, and you can't audit or self-host it.
I make things all day with agents: reports, proposals, guides, dashboards, whole little sites. I wanted
to hand someone a link that's mine — my domain, my brand, my keys — in the time it takes to type one
command, without uploading client work to someone else's server. So hush does exactly that:
terminal-native, zero-knowledge, on your own domain, usable from any agent. MIT.
| Hushdrop | Stacktree | send.co | tiiny.host | |
|---|---|---|---|---|
| Your own domain | ✅ free | ❌ | ❌ | paid |
| Zero-knowledge AES-256 | ✅ | ✅ | files only | ❌ |
| Open-source / self-host | ✅ MIT | ❌ | ❌ | ❌ |
| CLI + MCP (agent-native) | ✅ | partial | ❌ | ❌ |
| Anonymous, no-account drop | ✅ | ❌ | ✅ | ✅ |
| Burn-after-read / email-gate | ✅ | partial | partial | ❌ |
| Price | free / self-host | paid | freemium | freemium |
Full write-ups: vs Stacktree · vs Send · vs ShareDuo
- 🔒 Zero-knowledge — branding + AES-256 happen client-side; the server only stores ciphertext.
- 🌐 Your domain, your brand — colors, logo, social cards flow into the unlock gate + previews.
- 🤖 Agent-native — one CLI command or 9 MCP tools; any agent that runs a shell can publish.
- ⏱️ Auto-expire & burn-after-read —
--expire 7d,--burn, server-enforced cleanup. - 📧 Email-gate & revocable share links — restrict by domain, mint/revoke guest links.
- 📦 Anything static — HTML, Markdown (rendered), PDFs, images, multi-file zips → sites.
- 🚀 One-click self-host — Deploy to Vercel auto-provisions Blob; no DB to run.
| You run | You get |
|---|---|
hush report.html |
Branded, AES-256-locked page at yourdomain.com/<slug> (+ auto password) |
hush notes.md |
Markdown → rendered, branded HTML page |
hush report.html -p secret |
Your own password |
hush report.html --no-lock |
Branded page, no password — renders for anyone with the link |
hush report.html --expire 7d |
Auto-expire (7d/24h/2w/date); enforce with hush gc |
hush report.html --burn |
Burn-after-read — self-destructs on first view |
hush report.html --email-gate acme.com |
Only viewers with that email domain can open it |
hush deck.pdf --page |
A branded download page wrapping the file |
hush site.zip |
Multi-file static site at yourdomain.com/<slug>/ |
hush -s q3 deck.html |
Force the slug |
| Command | Does |
|---|---|
hush <file> |
Publish (managed / hosted / self-host, auto-detected) |
hush login / whoami / logout |
Passwordless hosted account (GitHub or magic link) |
hush list / rm <slug> / gc |
List, delete, garbage-collect drops |
hush share <slug> [--revoke] |
Mint / revoke a revocable guest link |
hush claim <url> |
Move an anonymous /u/ drop into your account |
hush set-expiry / set-email-gate / set-password / set-feedback |
Manage a hosted drop |
hush init / setup / deploy |
Configure + self-host on your own domain |
hush migrate |
Re-home hosted drops onto your own Blob |
npx hushdrop-install registers the drops MCP server into your detected agents (Claude Code, Codex,
Cursor, Windsurf, OpenCode, Amp), puts hush on your PATH, and prints config for GUI clients.
claude mcp add hushdrop -- npx -y hushdrop-mcp # Claude Code
codex mcp add hushdrop -- npx -y hushdrop-mcp # Codex| Tool | Purpose |
|---|---|
publish_html |
Publish raw HTML → branded, password-protected link |
publish_file |
Publish a local file (optionally a branded download page) |
update_site |
Replace a drop's content in place (same URL) |
list_sites / delete_site |
List / delete drops |
set_password / set_expiry / set_email_gate / set_feedback |
Manage a hosted drop |
- Read your file and detect its type.
- Brand (HTML) — inject favicon, OG/Twitter card, and a subtle corner badge before
</body>. - Encrypt (if locking) — StatiCrypt (AES-256, client-side) behind your branded unlock gate. The badge is baked in before encryption, so it survives.
- Upload to Vercel Blob under a clean key.
- Serve —
yourdomain.com/<slug>proxies the blob viamiddleware.js, rewriting headers so encrypted HTML decrypts + renders (not downloads) and CSP doesn't block the unlock script. Drops arenoindex, nofollow, noai. - Report — URL (+ password) printed and copied to your clipboard.
Serving is a dumb transparent proxy; all branding + encryption happen client-side at upload. The server only ever stores ciphertext.
The Deploy button clones the repo and auto-provisions a Blob store (it injects BLOB_READ_WRITE_TOKEN;
the app derives its store from the token, so it just works). Then npx hushdrop-install + hush init --domain share.yoursite.com to point your CLI + agents at your instance. Self-host is token-only, free, unlimited
— no account needed. Full walkthrough in skill/SETUP.md.
| File | Holds | Committed? |
|---|---|---|
skill/brand/brand.json |
Presentation — name, colors, owner, social links. Edit to rebrand. | yes |
~/.hushdrop/config.json |
Infra — domain, blob host, Vercel project. Written by hush init. |
no |
~/.hushdrop/.env |
Your BLOB_READ_WRITE_TOKEN. |
no |
Is it really zero-knowledge? Yes — for locked drops, AES-256 runs in your browser before upload; the server stores only ciphertext.
Managed vs. hosted vs. self-host? Managed = anonymous, 24h, no account. Hosted = free account, persistent links on hushdrop.dev/you/…. Self-host = your own domain + Blob.
Does it need Vercel? Only to self-host. The managed + hosted tiers need nothing but npx.
How is this different from Stacktree? Same agent-native idea, but open-source, self-hostable, your own domain free, and anonymous (no account). See the comparison.
Can agents use it without MCP? Yes — it's a single CLI; any agent that runs a shell command can publish.
Is it free? Yes. MIT. Self-host costs only your own (usually pennies) Vercel Blob usage.
- Locked HTML is genuinely AES-256 encrypted in the browser — use long passwords; strong against casual access, not a vault.
- Raw files are protected by an unguessable slug; use
--page -p <password>for a gated download. - Passwords are stored in
~/.hushdrop/manifest.jsonon your machine only — never uploaded.
See SECURITY.md to report a vulnerability.
PRs welcome — see CONTRIBUTING.md. It's a few hundred lines of readable Node + HTML, no build step.
MIT · Built by Max Techera · GitHub · Instagram · hushdrop.dev
{ "mcpServers": { "hushdrop": { "command": "npx", "args": ["-y", "hushdrop-mcp"] } } }