Cloudmersive · Capability
virusapi — Scan
virusapi — Scan. 3 operations. Lead operation: Scan a file for viruses. Self-contained Naftiko capability covering one Cloudmersive business surface.
What You Can Do
POST
Scanfile
— Scan a file for viruses
/v1/virus/scan/file
POST
Scanfileadvanced
— Advanced Scan a file for viruses
/v1/virus/scan/file/advanced
POST
Scanwebsite
— Scan a website for malicious content and threats
/v1/virus/scan/website
MCP Tools
scan-file-viruses
Scan a file for viruses
advanced-scan-file-viruses
Advanced Scan a file for viruses
scan-website-malicious-content-and
Scan a website for malicious content and threats
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: virusapi — Scan
description: 'virusapi — Scan. 3 operations. Lead operation: Scan a file for viruses. Self-contained Naftiko capability
covering one Cloudmersive business surface.'
tags:
- Cloudmersive
- Scan
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
CLOUDMERSIVE_API_KEY: CLOUDMERSIVE_API_KEY
capability:
consumes:
- type: http
namespace: virus-scan-scan
baseUri: https://localhost
description: virusapi — Scan business capability. Self-contained, no shared references.
resources:
- name: virus-scan-file
path: /virus/scan/file
operations:
- name: scanfile
method: POST
description: Scan a file for viruses
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: inputFile
in: formData
type: file
description: Input file to perform the operation on.
required: true
- name: virus-scan-file-advanced
path: /virus/scan/file/advanced
operations:
- name: scanfileadvanced
method: POST
description: Advanced Scan a file for viruses
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: inputFile
in: formData
type: file
description: Input file to perform the operation on.
required: true
- name: fileName
in: header
type: string
description: 'Optional: specify the original file name of the file being scanned. By default the file name is taken
from inputFile parameter, but if this is not provided, or'
- name: allowExecutables
in: header
type: boolean
description: Set to false to block executable files (program code) from being allowed in the input file. Default
is false (recommended).
- name: allowInvalidFiles
in: header
type: boolean
description: Set to false to block invalid files, such as a PDF file that is not really a valid PDF file, or a Word
Document that is not a valid Word Document. Default is f
- name: allowScripts
in: header
type: boolean
description: Set to false to block script files, such as a PHP files, Python scripts, BAT scripts, JS scripts, and
other malicious content or security threats that can be em
- name: allowPasswordProtectedFiles
in: header
type: boolean
description: Set to false to block password protected and encrypted files, such as encrypted zip and rar files,
and other files that seek to circumvent scanning through pass
- name: allowMacros
in: header
type: boolean
description: Set to false to block macros and other threats embedded in document files, such as Word, Excel and
PowerPoint embedded Macros (including support for .DOCX, .XLS
- name: allowXmlExternalEntities
in: header
type: boolean
description: Set to false to block XML External Entities and other threats embedded in XML files, and other files
that contain embedded content threats. Set to true to allo
- name: allowInsecureDeserialization
in: header
type: boolean
description: Set to false to block Insecure Deserialization and other threats embedded in JSON and other object
serialization files, and other files that contain embedded co
- name: allowHtml
in: header
type: boolean
description: Set to false to block HTML input in the top level file; HTML can contain XSS, scripts, local file accesses
and other threats. Set to true to allow these file t
- name: allowUnsafeArchives
in: header
type: boolean
description: 'Set to false to block unsafe archives such as Zip Bombs, and other archives that can cause unsafe
extraction outcomes. Default is false (recommended). If set '
- name: allowOleEmbeddedObject
in: header
type: boolean
description: Set to false to block OLE embedded objects, which can contain vulnerabilities and executable code. Default
is false (recommended). If set to true, OLE embedde
- name: allowUnwantedAction
in: header
type: boolean
description: Set to false to block unwanted or undesired actions, which can contain execute or open links or content
when the file is viewed. Default is false (recommended)
- name: options
in: header
type: string
description: Comma separated set of configuration operations. Include permitJavascriptAndHtmlInPDFs to allow JavaScript
and HTML in PDF files. Include permitJavascriptInHt
- name: restrictFileTypes
in: header
type: string
description: Specify a restricted set of file formats to allow as clean as a comma-separated list of file formats,
such as .pdf,.docx,.png would allow only PDF, PNG and Word
- name: virus-scan-website
path: /virus/scan/website
operations:
- name: scanwebsite
method: POST
description: Scan a website for malicious content and threats
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: input
in: body
type: string
required: true
exposes:
- type: rest
namespace: virus-scan-scan-rest
port: 8080
description: REST adapter for virusapi — Scan. One Spectral-compliant resource per consumed operation, prefixed with /v1.
resources:
- path: /v1/virus/scan/file
name: virus-scan-file
description: REST surface for virus-scan-file.
operations:
- method: POST
name: scanfile
description: Scan a file for viruses
call: virus-scan-scan.scanfile
with:
inputFile: rest.inputFile
outputParameters:
- type: object
mapping: $.
- path: /v1/virus/scan/file/advanced
name: virus-scan-file-advanced
description: REST surface for virus-scan-file-advanced.
operations:
- method: POST
name: scanfileadvanced
description: Advanced Scan a file for viruses
call: virus-scan-scan.scanfileadvanced
with:
inputFile: rest.inputFile
fileName: rest.fileName
allowExecutables: rest.allowExecutables
allowInvalidFiles: rest.allowInvalidFiles
allowScripts: rest.allowScripts
allowPasswordProtectedFiles: rest.allowPasswordProtectedFiles
allowMacros: rest.allowMacros
allowXmlExternalEntities: rest.allowXmlExternalEntities
allowInsecureDeserialization: rest.allowInsecureDeserialization
allowHtml: rest.allowHtml
allowUnsafeArchives: rest.allowUnsafeArchives
allowOleEmbeddedObject: rest.allowOleEmbeddedObject
allowUnwantedAction: rest.allowUnwantedAction
options: rest.options
restrictFileTypes: rest.restrictFileTypes
outputParameters:
- type: object
mapping: $.
- path: /v1/virus/scan/website
name: virus-scan-website
description: REST surface for virus-scan-website.
operations:
- method: POST
name: scanwebsite
description: Scan a website for malicious content and threats
call: virus-scan-scan.scanwebsite
with:
input: rest.input
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: virus-scan-scan-mcp
port: 9090
transport: http
description: MCP adapter for virusapi — Scan. One tool per consumed operation, routed inline through this capability's
consumes block.
tools:
- name: scan-file-viruses
description: Scan a file for viruses
hints:
readOnly: false
destructive: false
idempotent: false
call: virus-scan-scan.scanfile
with:
inputFile: tools.inputFile
outputParameters:
- type: object
mapping: $.
- name: advanced-scan-file-viruses
description: Advanced Scan a file for viruses
hints:
readOnly: false
destructive: false
idempotent: false
call: virus-scan-scan.scanfileadvanced
with:
inputFile: tools.inputFile
fileName: tools.fileName
allowExecutables: tools.allowExecutables
allowInvalidFiles: tools.allowInvalidFiles
allowScripts: tools.allowScripts
allowPasswordProtectedFiles: tools.allowPasswordProtectedFiles
allowMacros: tools.allowMacros
allowXmlExternalEntities: tools.allowXmlExternalEntities
allowInsecureDeserialization: tools.allowInsecureDeserialization
allowHtml: tools.allowHtml
allowUnsafeArchives: tools.allowUnsafeArchives
allowOleEmbeddedObject: tools.allowOleEmbeddedObject
allowUnwantedAction: tools.allowUnwantedAction
options: tools.options
restrictFileTypes: tools.restrictFileTypes
outputParameters:
- type: object
mapping: $.
- name: scan-website-malicious-content-and
description: Scan a website for malicious content and threats
hints:
readOnly: false
destructive: false
idempotent: false
call: virus-scan-scan.scanwebsite
with:
input: tools.input
outputParameters:
- type: object
mapping: $.