Skip to content
Recued
Menu
← Back to recipes

Scan Inbound Files (ClamAV)

by recued-core v1

Reactive virus scan for the reception attachment scan-gate (D-173 P5). Fires whenever a file lands in data.file.received (an inbound reception drop / messenger media / mail attachment), scans it with the local ClamAV daemon through the ClamAV pack's file.scan cli operation, and writes the verdict back to the record's scan_status via the MCP-reserved core.storage.file.set-scan-status kernel op. The reception inbox reads scan_status, so a 'flagged' upload surfaces a sharper warning at approve while a 'clean' one clears the advisory warning. The verdict comes from the scanner exit code (0 = clean, 1 = infected); a scan error (clamd not running, exit 2+) halts this run and leaves the record unscanned (the advisory gate still warns). Requires the clamav-pack installed and a running clamd. Install once; the install creates a default dish that runs on every inbound file.

How it works 4 steps

Inspect the data fetches, transforms, gates, and output this recipe runs.

Process (4 steps)
scan ?
verdict switch
Map scan exit code to one of: 0, 1
write ?
skip: step.verdict equal unscanned
card to_summary
Format results as a summary card

Trust & control

What installing this recipe would let it do. Recued grants these permissions at install — review them there before approving.

Where it runs

Device + server Runs on your device (browser) or your server.

Data it touches

Warehousedata.file

About

Tags

clamavscansecuritymalwarereceptiond-173reactive

Details

4 steps recipe_id: scan-inbound-file-clamav