Check URLs Before Clicking
Scan suspicious links against threat intelligence feeds before opening them or sharing them with colleagues.
Verify File Hashes for Malware
Check MD5, SHA1, or SHA256 file hashes against threat intelligence databases to determine if a file is known malware before executing it.
Tool
When a suspicious file arrives — an attachment, a downloaded installer, an executable from a vendor — you need to know whether it matches any known malware samples before anyone runs it. Uploading files to unknown scanning services is a security risk in itself. Checking the hash avoids that problem: the file stays local, and the hash alone is checked against threat databases.
Security Scanner's `check_hash` skill queries MD5, SHA1, and SHA256 hashes against threat intelligence feeds, returning match verdicts, malware family names, and detection counts across scanning engines. You know within seconds whether a file is clean, suspicious, or a confirmed threat.
IT security teams, incident responders, and system administrators use this to vet files before deployment, verify downloads from third-party vendors, and triage attachments flagged by email filters.
Agent Guides
Claude
- Connect ToolRouter in Claude: claude mcp add toolrouter -- npx -y toolrouter-mcp
- Generate the SHA256, SHA1, or MD5 hash of the file you want to check (using certutil, sha256sum, or your OS hash tool).
- Provide the hash to Claude and ask it to check via `security-scanner` with `check_hash`.
ChatGPT
- Connect ToolRouter in ChatGPT: {"mcpServers":{"toolrouter":{"command":"npx","args":["-y","toolrouter-mcp"]}}}
- Provide the file hash and context — what the file is, where it came from, and who is waiting on a verdict.
- Ask ChatGPT to check the hash via `security-scanner` with `check_hash`.
Copilot
- Connect ToolRouter in Copilot: {"mcpServers":{"toolrouter":{"command":"npx","args":["-y","toolrouter-mcp"]}}}
- Extract the file hash from your CI output, asset manifest, or deployment script.
- Ask Copilot to check the hash via `security-scanner` with `check_hash`.
OpenClaw
- Connect ToolRouter in OpenClaw: openclaw mcp add toolrouter -- npx -y toolrouter-mcp
- Generate hashes for all files in the batch using your OS hashing tools.
- Run `security-scanner` with `check_hash` for each hash and collect results in a normalized schema.
Related Use Cases
Investigate Suspicious IP Addresses
Check IP addresses against abuse databases and threat feeds to assess risk before allowing traffic into your network.
Scan Domain Reputation
Check domains against threat intelligence feeds to catch malicious infrastructure, brand impersonation, and newly registered lookalikes.
Generate a Security Report
Run a comprehensive security assessment across a domain or IP and get a structured report covering all threat vectors in one pass.