Skip to content

widdix/attachmentav-cli

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

attachmentav

Command-line client for attachmentAV — scan a file for malware from your terminal or CI pipeline.

Install

From a release binary

Prebuilt binaries for Linux, macOS, and Windows are attached to each GitHub release. Download the archive for your platform, extract it, and place attachmentav (or attachmentav.exe) somewhere on your PATH.

Example for Linux (x86_64):

curl -L -o attachmentav.tar.gz \
  https://github.com/widdix/attachmentav-cli/releases/latest/download/attachmentav-vX.Y.Z-x86_64-unknown-linux-gnu.tar.gz
tar -xzf attachmentav.tar.gz
sudo mv attachmentav-*/attachmentav /usr/local/bin/

macOS: Gatekeeper

macOS quarantines binaries downloaded from the internet. On the first run you'll see: "Apple could not verify 'attachmentav' is free of malware..." The release binaries are not yet signed and notarized; until then, clear the quarantine attribute after extracting:

xattr -d com.apple.quarantine /path/to/attachmentav

From source

Requires a stable Rust toolchain.

cargo install --path .

Get an API key

You need an attachmentAV API key to use the CLI. Sign up and create a key https://attachmentav.com/subscribe/api/.

Export the key before running the CLI:

export ATTACHMENTAV_API_KEY=<your-api-key>

Usage

Scan a file:

attachmentav path/to/file

Scan data piped on stdin:

cat path/to/file | attachmentav
curl -s https://example.com/some-file | attachmentav

The CLI prints a one-line result:

  • clean — no malware found
  • infected: <finding> — malware detected
  • other statuses are printed verbatim

Add --json to emit the raw API response instead:

attachmentav --json path/to/file

Exit codes

Code Meaning
0 File is clean
1 File is infected
2 Error (I/O, auth, network, unexpected response)

This follows the ClamAV convention, so existing scripts that branch on scanner exit codes work unchanged.

Region

attachmentAV exposes regional endpoints. The CLI defaults to EU. Override with --region or the ATTACHMENTAV_REGION environment variable:

attachmentav --region us path/to/file
ATTACHMENTAV_REGION=canada attachmentav path/to/file

Valid values: eu, us, canada, india.

Limits

The CLI uses attachmentAV's synchronous /scan/sync/binary endpoint, which accepts at most 10 MB per request. Inputs larger than 10 MB are rejected with a clear error. Support for larger files is planned.

Configuration reference

Variable Purpose Default
ATTACHMENTAV_API_KEY API key used for authentication
ATTACHMENTAV_REGION Region: eu, us, canada, india eu

Example: EICAR test

printf 'X5O!P%%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' \
  | attachmentav
# infected: EICAR-AV-Test
# exit code 1

License

See LICENSE.

About

A virus scan CLI. Scan files for viruses, trojans, and other kinds of malware with attachmentAV.

attachmentav.com/

Topics

cli virus scanner malware scan virus-scanning virus-scanner

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

v0.1.1 Latest
Apr 21, 2026

Packages

 
 
 

Contributors

Languages