A solid wrapper around the VirusTotal API that brings security analysis directly into Claude Desktop and other MCP clients. You get the standard quartet of URL, file hash, IP, and domain lookups, plus relationship queries for digging into connected threats, dropped files, network connections, and behavioral data. The automatic relationship fetching is handy since it pulls relevant context data alongside basic reports without extra API calls. Supports pagination for deep analysis and includes both stdio and HTTP streaming transports. Grab a VirusTotal API key, drop it in your config, and you're analyzing suspicious URLs and file hashes through natural language queries.
claude mcp add --transport stdio burtthecoder-mcp-virustotal uvx mcp-virustotal