Wraps the ScanMalware.com public API to let Claude submit URLs for malware scanning, poll for results, and search past scans. You get tools for submitting new scans, fetching status and risk scores, pulling TLS certificate details, and querying by domain or keyword. Useful for phishing triage workflows where you want to submit a suspicious link, wait for the scan to finish, then summarize indicators and screenshots. Also handles brand monitoring searches to find lookalike domains flagged as high risk. Runs as a streamable HTTP server with optional bearer token auth, and the repo includes a ready-to-go DigitalOcean deploy setup with Nginx reverse proxy. Most endpoints work without auth, though some require a ScanMalware bearer token.
claude mcp add --transport http com.scanmalware.mcp-scanmalware-mcp https://mcp.scanmalware.com/mcp