Skip to content

Malware scanning pipeline (async quarantine) #104

Description

@veverkap

Problem

Uploaded files are not scanned for malicious payloads.

Acceptance Criteria

  • New uploads are scanned asynchronously.
  • Suspicious files are quarantined and blocked from public access.
  • Scan status visible via API/UI.
  • Failure policy (fail-open/fail-closed) is explicit and configurable.

Test Plan

  • Pipeline tests for clean/infected/scan-failure outcomes.
  • Access control tests on quarantined files.

Rollout Notes

  • Document operational dependencies (scanner service/signatures).

Metadata

Metadata

Assignees

No one assigned

    Labels

    backendBackend/API workinfraInfrastructure/ops worksecuritySecurity-related work

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions