Scan Inbound Files (Windows Defender)
Reactive virus scan for the reception attachment scan-gate (D-173 P5) on a Windows-hosted server — the Defender sibling of scan-inbound-file-clamav. Fires whenever a file lands in data.file.received (an inbound reception drop / messenger media / mail attachment), scans it with the built-in Windows Defender engine through the Defender pack's file.scan cli operation, and writes the verdict back via the MCP-reserved core.storage.file.set-scan-status kernel op. The reception inbox reads scan_status, so a 'flagged' upload surfaces a sharper warning at approve while a 'clean' one clears the advisory warning. The verdict comes from the MpCmdRun exit code: 0 = clean, 2 = malware found (or a scan error, conservatively flagged — fail-safe, no malware passes). Any other code halts this run and leaves the record unscanned (the advisory gate still warns). Requires the defender-pack installed and an ELEVATED, Windows-hosted recued server. Install once; the install creates a default dish that runs on every inbound file. Install EITHER this or scan-inbound-file-clamav for your platform — not both (a double-scan is redundant; if both fire, the last verdict wins).
How it works
Inspect the data fetches, transforms, gates, and output this recipe runs.
Trust & control
What installing this recipe would let it do. Recued grants these permissions at install — review them there before approving.