abdessamad-elamrani

MalwareAnalyzerMCP

file

Analyze files to determine their type and identify potential malware using command-line options for detailed inspection.

Instructions

Analyze a file and determine its type

Example usage:

  • Basic file identification: { "target": "suspicious.exe" }

  • With options: { "target": "suspicious.exe", "options": "-b" }

Input Schema

| Name | Required | Description | Default |
| --- | --- | --- | --- |
| target | Yes | Target file or data to analyze | |
| options | No | Additional command-line options | |

Implementation Reference

  • Core handler for the 'file' tool execution within the MCP CallToolRequestSchema handler. Validates input using the tool's schema, builds the shell command ('file ...') using buildCommand, executes it via terminalManager.shellCommand, and returns the result.
    if (commands[name]) {
      try {
        const cmdConfig = commands[name];
        
        // Validate arguments against schema
        const validationResult = cmdConfig.schema.safeParse(args);
        if (!validationResult.success) {
          return {
            content: [{ 
              type: "text", 
              text: `Error: Invalid parameters for ${name} command.\n${JSON.stringify(validationResult.error.format())}`
            }],
            isError: true,
          };
        }
        
        // Build the command string
        const commandStr = cmdConfig.buildCommand(validationResult.data);
        console.error(`Executing specialized command: ${commandStr}`);
        
        // Execute the command via the terminal manager
        const result = await terminalManager.shellCommand(commandStr);
        console.error(`${name} command executed with PID: ${result.pid}, blocked: ${result.isBlocked}`);
        
        return {
          content: [{ type: "text", text: JSON.stringify(result) }],
        };
      } catch (error) {
        console.error(`Error executing ${name} command:`, error);
        return {
          content: [{ type: "text", text: `Error: ${error instanceof Error ? error.message : String(error)}` }],
          isError: true,
        };
      }
    }
  • Base Zod schema used by the 'file' tool (and others) for input validation: requires 'target' string, optional 'options'.
    const baseCommandSchema = z.object({
      target: z.string().min(1).describe("Target file or data to analyze"),
      options: z.string().optional().describe("Additional command-line options")
    });
  • serverMCP.js:113-117 (registration)
    Dynamic registration of the 'file' tool (from commands config) in the MCP ListToolsRequestSchema handler, exposing name, description, and inputSchema.
    const specializedTools = Object.values(commands).map(cmd => ({
      name: cmd.name,
      description: cmd.description + (cmd.helpText ? '\n' + cmd.helpText : ''),
      inputSchema: zodToJsonSchema(cmd.schema),
    }));
  • Tool configuration object for 'file', including explicit name, description, schema reference, buildCommand helper that constructs the 'file' shell command, and example help text.
      file: {
        name: 'file',
        description: 'Analyze a file and determine its type',
        schema: baseCommandSchema,
        buildCommand: (args) => {
          const options = args.options ? args.options : '';
          return `file ${options} ${args.target}`;
        },
        helpText: `
    Example usage:
      - Basic file identification: { "target": "suspicious.exe" }
      - With options: { "target": "suspicious.exe", "options": "-b" }
        `
      },
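
Added example, not part of the MalwareAnalyzerMCP code: the base schema above only requires `target` to be a non-empty string, and `buildCommand` interpolates both fields into one shell string, so a stricter builder can return an argument vector for `file` instead. The names `buildFileArgv`, `runFile` and `ALLOWED_FLAGS`, the choice of allowed flags and the 10-second timeout are assumptions made for this sketch.

```javascript
// Added example (not MalwareAnalyzerMCP code): build an argv array for file(1)
// instead of a shell string, so no shell ever re-parses the caller's input.

// Assumed allowlist: read-only file(1) flags that take no argument.
// Flags that read or write other paths (-f, -m, -C) are deliberately left out.
const ALLOWED_FLAGS = new Set([
  "-b", "-i", "-k", "-L", "-z", "--mime-type", "--mime-encoding",
]);

function buildFileArgv(args) {
  if (typeof args.target !== "string" || args.target.length === 0) {
    throw new TypeError("target must be a non-empty string");
  }
  if (args.target.includes("\0")) {
    throw new RangeError("target contains a NUL byte");
  }
  // Split the free-form options string and check every token individually.
  const flags = (args.options ?? "").split(/\s+/).filter(Boolean);
  for (const flag of flags) {
    if (!ALLOWED_FLAGS.has(flag)) {
      throw new RangeError(`option not allowed: ${flag}`);
    }
  }
  // "--" ends option parsing, so a target such as "-sample" is read as a file name.
  return [...flags, "--", args.target];
}

// Hypothetical runner (CommonJS assumed): execFile hands argv straight to the
// program without a shell, so spaces or ";" in the target stay part of one argument.
function runFile(args) {
  const { execFile } = require("node:child_process");
  return new Promise((resolve, reject) => {
    execFile("file", buildFileArgv(args), { timeout: 10_000 }, (err, stdout) =>
      err ? reject(err) : resolve(stdout.trim()));
  });
}
```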
Behavior: 2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. While it states the tool analyzes files and determines their type, it doesn't describe what happens during analysis (e.g., does it read file contents, check magic bytes, or run external commands?), what permissions are needed, whether it's destructive, or what the output format looks like. The example mentions command-line options but doesn't explain their effects.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness: 4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized with a clear purpose statement followed by example usage. The structure is front-loaded with the core functionality, though the example section could be slightly more concise by combining the two usage patterns into one more general example.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness: 2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a tool with 2 parameters, no annotations, and no output schema, the description is incomplete. It doesn't explain what the analysis entails, what kind of output to expect, or how this differs from sibling tools. The lack of behavioral context and output information leaves significant gaps for an AI agent trying to use this tool effectively.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters: 3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents both parameters adequately. The description adds minimal value beyond the schema by showing example usage patterns, but doesn't provide additional semantic context about what 'target' should be (e.g., file path vs. raw data) or what 'options' might include beyond '-b'.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose: 4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose as 'Analyze a file and determine its type', which is a specific verb+resource combination. However, it doesn't explicitly differentiate this tool from sibling tools like 'strings' or 'xxd', which might also analyze files but for different purposes.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines: 2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides example usage patterns but offers no guidance on when to use this tool versus alternatives like 'strings' or 'objdump'. There's no mention of what makes this tool appropriate for file type analysis versus other analysis tools in the sibling list.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/abdessamad-elamrani/MalwareAnalyzerMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server.