scan_file_static
Analyze files for security threats through static malware analysis to detect malicious code without execution, supporting archives with password protection and entrypoint specification.
Instructions
Submit a file for static analysis.
Args: file_path: Path to the file to analyze is_public: Whether the scan results should be public entrypoint: File to execute within archive (if applicable) password: Password for archive files (if applicable)
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| file_path | Yes | ||
| is_public | No | ||
| entrypoint | No | ||
| password | No |
Implementation Reference
- src/threatzone_mcp/server.py:371-400 (handler)Handler function for the 'scan_file_static' tool. Registers the tool via @app.tool decorator and implements static file scanning by uploading the file to the ThreatZone API endpoint /public-api/scan/static.
@app.tool async def scan_file_static( file_path: str, is_public: bool = False, entrypoint: Optional[str] = None, password: Optional[str] = None ) -> Dict[str, Any]: """ Submit a file for static analysis. Args: file_path: Path to the file to analyze is_public: Whether the scan results should be public entrypoint: File to execute within archive (if applicable) password: Password for archive files (if applicable) """ if not Path(file_path).exists(): raise ThreatZoneError(f"File not found: {file_path}") data = {"isPublic": is_public} if entrypoint: data["entrypoint"] = entrypoint if password: data["password"] = password files = {"file": open(file_path, "rb")} try: return await get_client().post("/public-api/scan/static", data=data, files=files) finally: files["file"].close()