Question 1

How to integrate Pompelmi with Express.js for file upload scanning?

Accepted Answer

Use the provided Express middleware or the scanBytes function with a multipart parser like multer. The demo example shows how to block uploads based on the verdict, ensuring files are inspected before storage.

Question 2

Pompelmi vs ClamAV for Node.js: which should I use?

Accepted Answer

Pompelmi integrates directly into your app for pre-storage scanning with spoofing and structure checks, while ClamAV is a standalone antivirus engine. Use Pompelmi for integrated security decisions and ClamAV for deep signature scanning; they can be combined via YARA.

Question 3

Can Pompelmi detect malicious code in Office documents?

Accepted Answer

Yes, it checks for suspicious signals like Office macro hints and risky PDF actions. However, for known malware, you should supplement it with YARA rules or external scanners, as it's not a full antivirus.

Question 4

Does Pompelmi support scanning files already in AWS S3?

Accepted Answer

Yes, the documentation includes tutorials for S3 presigned uploads with quarantine workflows, allowing you to scan files before promoting them from a quarantine bucket to a trusted one.

Question 5

How to handle false positives when using Pompelmi?

Accepted Answer

Adjust the security policy settings, such as customizing allowlists for MIME types and extensions, and fine-tune YARA rules if integrated. Start with STRICT_PUBLIC_UPLOAD and modify based on your application's trust model.

Question 6

Is Pompelmi suitable for scanning video or image uploads?

Accepted Answer

It can detect spoofing and basic binary signals, but its primary value is for documents, archives, and executables. For media files, consider if checking for embedded threats or format validation aligns with your risk profile.

Pompelmi

What is Pompelmi?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions