Loading...

Virustotal | AI Builder Hub Review & Alternatives | Flaex AI

Back to MCP Directory

Virustotal

Model Context Protocol moderate risk

Virustotal

This MCP server provides comprehensive security analysis by querying the VirusTotal API, offering detailed reports and relationship data for URLs, files, IPs, and domains.

Connections & Capabilities

Connects To

GitHubTwitter

Capabilities

read

Quickstart

Install

npx -y @smithery/cli install @burtthecoder/mcp-virustotal --client claude

Config

{
  "mcpServers": {
    "virustotal": {
      "command": "mcp-virustotal",
      "env": {
        "VIRUSTOTAL_API_KEY": "your-virustotal-api-key"
      }
    }
  }
}

Exposed MCP Tools (8)

safe

get_url_report

Retrieves a comprehensive security report for a given URL, including related files, domains, and threat actors.

Read-only operation; retrieves information without modifying any system or data.

safe

get_file_report

Retrieves a detailed analysis report for a file hash, including behaviors, dropped files, and network connections.

Read-only operation; retrieves information without modifying any system or data.

safe

get_ip_report

Retrieves a comprehensive analysis report for an IP address, including geolocation, reputation data, and related threats.

Read-only operation; retrieves information without modifying any system or data.

safe

get_domain_report

Retrieves a comprehensive analysis report for a domain, including DNS records, WHOIS data, and related SSL certificates.

Read-only operation; retrieves information without modifying any system or data.

safe

get_url_relationship

Queries specific relationships for a URL, such as communicating files or contacted domains, with pagination support.

Read-only operation; retrieves information without modifying any system or data.

safe

get_file_relationship

Queries specific relationships for a file hash, such as behaviors or dropped files, with pagination support.

Read-only operation; retrieves information without modifying any system or data.

safe

get_ip_relationship

Queries specific relationships for an IP address, such as communicating files or historical SSL certificates, with pagination support.

Read-only operation; retrieves information without modifying any system or data.

safe

get_domain_relationship

Queries specific relationships for a domain, such as subdomains or historical WHOIS data, with pagination support.

Read-only operation; retrieves information without modifying any system or data.

Safety Assessment

This server is relatively safe for security analysis tasks. The primary risk lies in the potential misuse of the VirusTotal API key and the exposure of sensitive data through queries. It is safe to use for informational purposes, but caution should be exercised when handling sensitive data or automating tasks with the API.

Primarily read-only operations against VirusTotal API.
No direct access to local file system or system resources.
Relies on VirusTotal's security infrastructure.
Limited write operations through commenting, but no structural changes.

Requires a valid VirusTotal API key, which if compromised, could lead to abuse.
Potential for information disclosure if sensitive data is queried and exposed.
Rate limiting can impact performance and availability.
Dependence on external VirusTotal API introduces a point of failure.