virustotal-security-scanner
Scan files and URLs using VirusTotal API via curl or Python utilities. Check hashes, upload files, and manage comments.
Why use this skill?
Analyze files and URLs using the VirusTotal API within OpenClaw. Perform hash lookups, file uploads, and manage security reports securely.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/aleph8/virustotal-security-scannerWhat This Skill Does
The virustotal-security-scanner is a powerful security tool designed to interface with the VirusTotal API to facilitate threat intelligence gathering. By allowing OpenClaw to perform hash lookups, file uploads, and report management, this skill enables users to analyze potential security threats directly from their development environment. It provides a structured way to determine if a specific file or URL is flagged by security vendors without leaving your workflow.
Installation
To integrate this skill into your OpenClaw environment, execute the following command: clawhub install openclaw/skills/skills/aleph8/virustotal-security-scanner. Ensure you have obtained your API key from the VirusTotal dashboard and set it as an environment variable (VT_API_KEY) to allow the agent to authorize requests. We strongly recommend creating a local directory at ~/.vt/ to cache API results, which helps respect rate limits and improves response times for frequently scanned assets.
Use Cases
This skill is indispensable for developers and security researchers who need to verify the integrity of external files or investigate suspicious downloads. Common use cases include: 1) Performing initial triage on downloaded libraries or dependencies; 2) Analyzing potential malware samples in a sandboxed environment; 3) Automating the reporting of file hashes to internal security tracking systems; 4) Checking URLs for known malicious redirects before browser integration.
Example Prompts
- "Scan the file at /downloads/update.zip and tell me if any security vendors flagged it as malicious."
- "Calculate the SHA256 hash for /projects/firmware.bin and check the VirusTotal report. If it's cached, display the analysis stats."
- "I need to upload /tmp/suspicious_script.sh to VirusTotal for analysis. Please confirm it's under 32MB and proceed with the upload, ensuring no metadata is attached."
Tips & Limitations
Privacy is paramount when using this tool. Remember that VirusTotal is a public platform; once you upload a file, it becomes available to the global security community. Never upload sensitive proprietary code or files containing PII. Always check the file size before selecting between standard and large-file upload workflows. For efficiency, always check your local cache folder before requesting a fresh network call to avoid hitting API rate limits during large batch scans.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-aleph8-virustotal-security-scanner": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-read, external-api
Related Skills
virustotal security scanner
Scan files and URLs using VirusTotal API via curl or Python utilities. Check hashes, upload files, and manage comments.
virustotal security scanner
Scan files and URLs using VirusTotal API via curl or Python utilities. Check hashes, upload files, and manage comments.
yahoo-finance
Get stock quotes, financial data, market news, and portfolio analytics from Yahoo Finance. Use when you need real-time stock prices, historical data, company financials, crypto prices, or market analysis.