scan_file_static
Submit files for static malware analysis to detect security threats without execution. Handles archives with optional entrypoints and passwords while controlling result visibility.
Instructions
Submit a file for static analysis.
Args: file_path: Path to the file to analyze is_public: Whether the scan results should be public entrypoint: File to execute within archive (if applicable) password: Password for archive files (if applicable)
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| entrypoint | No | ||
| file_path | Yes | ||
| is_public | No | ||
| password | No |
Implementation Reference
- src/threatzone_mcp/server.py:371-400 (handler)The main handler function for the 'scan_file_static' tool. It checks if the file exists, prepares data with optional parameters, opens the file, posts it to the ThreatZone static scan API endpoint, and ensures the file is closed afterward.@app.tool async def scan_file_static( file_path: str, is_public: bool = False, entrypoint: Optional[str] = None, password: Optional[str] = None ) -> Dict[str, Any]: """ Submit a file for static analysis. Args: file_path: Path to the file to analyze is_public: Whether the scan results should be public entrypoint: File to execute within archive (if applicable) password: Password for archive files (if applicable) """ if not Path(file_path).exists(): raise ThreatZoneError(f"File not found: {file_path}") data = {"isPublic": is_public} if entrypoint: data["entrypoint"] = entrypoint if password: data["password"] = password files = {"file": open(file_path, "rb")} try: return await get_client().post("/public-api/scan/static", data=data, files=files) finally: files["file"].close()
- src/threatzone_mcp/server.py:371-371 (registration)The @app.tool decorator registers the scan_file_static function as an MCP tool in the FastMCP server.@app.tool