A Model Context Protocol (MCP) server written in Rust that exposes Filescan.io API endpoints as MCP tools.
| Tool | Endpoint | Description |
|---|---|---|
filescan_scan_file |
POST /api/scan/file |
Upload a local file for malware scanning |
filescan_scan_url |
POST /api/scan/url |
Submit a URL for scanning |
filescan_get_scan_reports |
GET /api/scan/{flow_id}/report |
Retrieve reports for a scan flow |
filescan_get_report |
GET /api/reports/{report_id}/{file_hash} |
Get a specific report |
filescan_search_reports |
GET /api/reports/search |
Search reports with many filters |
filescan_get_search_matches |
POST /api/reports/search/matches |
Get IOC matches for report IDs |
filescan_list_public_reports |
GET /api/reports |
List public reports |
filescan_check_file_availability |
POST /api/files/availability |
Check if file hashes are available in Filescan |
filescan_get_hash_reputation |
GET/POST /api/reputation/hash |
Look up reputation for SHA256 hashes (single or bulk) |
filescan_get_ioc_reputation |
GET/POST /api/reputation/{ioc_type} |
Look up reputation for IOCs — domain/ip/url (single or bulk) |
filescan_get_ioc_prevalence |
POST /api/threatintel/get-prevalence |
Get IOC prevalence statistics across reports |
filescan_get_similar_reports |
GET /api/threatintel/get-similars |
Find reports with same special hashes |
filescan_similarity_search |
GET /api/similarity-search/similarity |
[DEPRECATED] Find similar reports by SHA256, tags, threshold, verdict |
filescan_get_hash_reputation: Provide exactly one ofhash(single → GET) orhashes(bulk → POST, 1–100 items).filescan_get_ioc_reputation: Provide exactly one ofioc_value(single → GET) orioc_values(bulk → POST, 1–100 items).ioc_typemust bedomain,ip, orurl.- Bulk lookups are capped at 100 items for safety; this is an MCP convention, not an API limit.
- Reputation results use tagged output:
{ "mode": "single", "result": {...} }or{ "mode": "bulk", "results": [...] }.
filescan_get_ioc_prevalence: Requires at least one IOC array populated (16 IOC types supported).daysmust be 1–30 (default 30).exclude_report_idsis a query parameter (not JSON body).filescan_get_similar_reports: Requires at least one ofimphash,ssdeep,fuzzyfsiohash, orauthentihash.days = -1means no time limit. Response includes file name and SHA256 per report.filescan_similarity_search: Deprecated by the Filescan OpenAPI spec — exposed because requested.min_similarityis 0–100. Requires at least one selector (hash,tags,verdict, ormin_similarity). Returns top 10 most similar and top 10 most recent findings.- All Stage 3 tools are read-only.
- List caps: all IOC arrays,
exclude_report_ids, andtagsare limited to 100 items.
- Rust 1.80+ (stable)
- A Filescan.io API key
| Variable | Required | Default | Description |
|---|---|---|---|
FILESCAN_API_KEY |
Yes | — | Your Filescan.io API key |
FILESCAN_BASE_URL |
No | https://www.filescan.io |
Base URL for the Filescan API |
FILESCAN_TIMEOUT_SECS |
No | 60 |
HTTP request timeout in seconds |
cargo build --releaseThe binary is at target/release/filescan-mcp. Run with:
export FILESCAN_API_KEY="your-api-key-here"
./target/release/filescan-mcpAdd to your claude_desktop_config.json:
{
"mcpServers": {
"filescan": {
"command": "/path/to/target/release/filescan-mcp",
"env": {
"FILESCAN_API_KEY": "your-api-key-here"
}
}
}
}cargo check
cargo test
cargo clippy --all-targets -- -D warnings- All 7 Phase 1 tools are implemented exactly per the OpenAPI analysis.
- Stage 2 tools:
filescan_check_file_availability,filescan_get_hash_reputation,filescan_get_ioc_reputation— all 3 implemented. - Typed input structs with
schemarsJSON schemas for MCP tool registration. - Typed
ScanResponse,ScanPriorityResponse,AllUploadRelatedReportsResponse,ReportSearchResponse,MatchesResponseItemmodels. - Stage 2 models:
ReputationResultHash,ReputationResultIoc,FuzzyhashVerdict,ResultMultiscan,ResultLookup,ReportForReputationCalculation,FileAvailabilityResponse. - Tagged response wrappers (
HashReputationResponse,IocReputationResponse) for stable single-vs-bulk output. - Stage 3 tools:
filescan_get_ioc_prevalence,filescan_get_similar_reports,filescan_similarity_search— all 3 implemented with typed models, validation, and contract tests. IocsPrevalenceMaptriple-nested response deserialization for prevalence and similars endpoints.SimilaritiesResponse,SimilaritiesResultSimilarity(32 optional category scores),DetailsResultSimilarity,ResultSimilaritymodels.- Stage 3 input validation: days bounds, at-least-one selector enforcement, list caps, empty-string rejection.
- All 39 report search query parameters supported.
ReportSearchQueryshared between search and matches endpoints.- Multipart file upload with local file path validation.
- URL-encoded form submission for URL scan.
- Error handling for 400/401/403/404/413/415/422/429 with actionable messages.
Retry-Afterheader handling for 429 rate limiting.- XOR input validation for reputation tools (exactly one of single or bulk must be provided).
- Bulk request safety cap (100 items max) with runtime enforcement.
- API key redaction in
Debugoutput and logs.
- Stage 4 metadata tools:
filescan_system_info,filescan_system_version,filescan_system_config, etc. - Admin/mutation endpoints (news create/delete).
- UI endpoints (logo, translations, languages, countries, etc.).
- The
max_posibbletypo inScanPriorityResponseis handled with#[serde(rename)]. The schema also displays asmax_possible. - For
POST /api/reports/search/matches,unique_filesis exposed as an optional query parameter alongsidereports_idsand the shared search query filters. - Large response payloads (report bodies) use
serde_json::Valuerather than fully-typed structs — this is intentional to handle theadditionalProperties: trueschema. propagate_tagsdefaults totruein the OpenAPI spec but is not sent if unset — let the API handle the default.- The
scan_filetool usesfile_path(local path), not base64 content. This is the MCP stdio convention.