Virustotal

Name: Virustotal
Author: BurtTheCoder

BurtTheCoder/mcp-virustotal

Run VirusTotal lookups on files, URLs, and indicators from your agent while reviewing dependencies, user uploads, or incident signals.

Overview

VirusTotal MCP is a Ship-phase MCP server that lets agents query VirusTotal for comprehensive file, URL, and indicator security analysis.

What is this MCP server?

Comprehensive VirusTotal API coverage exposed as MCP tools
Hash, URL, domain, and file-oriented security analysis from the agent
stdio transport via @burtthecoder/mcp-virustotal v1.0.17
Mandatory VIRUSTOTAL_API_KEY for authenticated queries
Pairs naturally with code review and dependency audit chat workflows
MCP server version 1.0.17
Required secret: VIRUSTOTAL_API_KEY
stdio MCP transport via @burtthecoder/mcp-virustotal

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 133 GitHub stars.

What problem does it solve?

Checking URLs and hashes against VirusTotal breaks flow when builders must leave the agent to use the web UI or REST calls manually.

Who is it for?

Solo SaaS builders handling uploads, webhooks, or dependencies who want VirusTotal answers inside security-focused agent sessions.

Skip if: Products that cannot send samples or metadata to VirusTotal, air-gapped environments, or teams needing on-prem malware sandboxes only.

What do I get? / Deliverables

With the API key configured, your agent returns multi-vendor detection context inline so you can block, quarantine, or document threats faster.

Agent-accessible VirusTotal query tools
Inline detection ratios and metadata for triage
Faster go/no-go on suspicious artifacts during reviews

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Malware and reputation checks belong in Ship security when solo builders validate artifacts before release and during post-deploy triage. Security subphase is canonical because the server is a VirusTotal API façade with analysis-focused tools, not general development utilities.

How it compares

VirusTotal API MCP connector, not a local malware sandbox or generic code linter.

Common Questions / FAQ

Who is VirusTotal MCP for?

Builders and operators using MCP agents who need VirusTotal reputation and malware context during development and incident triage.

When should I use VirusTotal MCP?

Use it when reviewing suspicious links, dependencies, or user files before ship, or when investigating alerts in production support threads.

How do I add VirusTotal MCP to my agent?

Configure @burtthecoder/mcp-virustotal as a stdio MCP server, set VIRUSTOTAL_API_KEY, restart your agent, and call the exposed analysis tools.

Virustotal

BurtTheCoder/mcp-virustotal

Run VirusTotal lookups on files, URLs, and indicators from your agent while reviewing dependencies, user uploads, or incident signals.

Overview

VirusTotal MCP is a Ship-phase MCP server that lets agents query VirusTotal for comprehensive file, URL, and indicator security analysis.

What is this MCP server?

Comprehensive VirusTotal API coverage exposed as MCP tools
Hash, URL, domain, and file-oriented security analysis from the agent
stdio transport via @burtthecoder/mcp-virustotal v1.0.17
Mandatory VIRUSTOTAL_API_KEY for authenticated queries
Pairs naturally with code review and dependency audit chat workflows
MCP server version 1.0.17
Required secret: VIRUSTOTAL_API_KEY
stdio MCP transport via @burtthecoder/mcp-virustotal

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 133 GitHub stars.

What problem does it solve?

Checking URLs and hashes against VirusTotal breaks flow when builders must leave the agent to use the web UI or REST calls manually.

Who is it for?

Solo SaaS builders handling uploads, webhooks, or dependencies who want VirusTotal answers inside security-focused agent sessions.

Skip if: Products that cannot send samples or metadata to VirusTotal, air-gapped environments, or teams needing on-prem malware sandboxes only.

What do I get? / Deliverables

With the API key configured, your agent returns multi-vendor detection context inline so you can block, quarantine, or document threats faster.

Agent-accessible VirusTotal query tools
Inline detection ratios and metadata for triage
Faster go/no-go on suspicious artifacts during reviews

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

VirusTotal API MCP connector, not a local malware sandbox or generic code linter.

Common Questions / FAQ

Who is VirusTotal MCP for?

Builders and operators using MCP agents who need VirusTotal reputation and malware context during development and incident triage.

When should I use VirusTotal MCP?

Use it when reviewing suspicious links, dependencies, or user files before ship, or when investigating alerts in production support threads.

How do I add VirusTotal MCP to my agent?

Configure @burtthecoder/mcp-virustotal as a stdio MCP server, set VIRUSTOTAL_API_KEY, restart your agent, and call the exposed analysis tools.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is VirusTotal MCP for?

When should I use VirusTotal MCP?

How do I add VirusTotal MCP to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is VirusTotal MCP for?

When should I use VirusTotal MCP?

How do I add VirusTotal MCP to my agent?