- Disclaimer
- Features
- URL Filter 🌐
- URL Phishing Check 🗡️
- File MIME Type Filter 📎
- File Virus Scan 🦠
- [planned] Keyword Filter 📄
- Protected Public Rooms (Mentions)
- License
Guardian is not a user moderation bot and only analyzes messages themselves.
If you are looking for user moderation, check out the-draupnir-project/Draupnir or matrix-org/mjolnir.
Activation (default: true): GUARDIAN_URL_FILTER: true|false
Help Command: !gd url
Guardian supports URL filtering based on a customizable domain list.
Examples:
!gd url block t.me!gd url unblock t.me
Guardian supports checking URLs in messages for suspicious content.
The analysis can be powered by the following providers:
Reference: https://docs.virustotal.com/reference/url-info
API-Key (required): GUARDIAN_VIRUS_TOTAL_KEY: <key>
Activation (default: false): GUARDIAN_URL_CHECK_VIRUS_TOTAL: true|false
VirusTotal allows scanning a full URL and returning a very comprehensive scan report.
Guardian rates a URL "suspicious" if the statistics malicious and suspicious have a combined score of 3 or more.
Reference: https://fishfish.gg
Activation (default: false): GUARDIAN_URL_CHECK_FISHFISH: true|false
FishFish allows scanning a domain and returning a rating, if found in their reports.
Guardian rates a URL "suspicious" if the FishFish rating is malware or phishing rather than safe.
Activation (default: true): GUARDIAN_MIME_FILTER: true|false
Help Command: !gd mime
Guardian supports file MIME type filtering based on a customizable MIME type list.
Examples:
!gd mime block application/zip!gd mime unblock application/zip!gd mime list
Guardian supports checking message attachments for malware.
(Currently this is limited to hash-based lookup, the long delay of live scans is a problem).
The analysis can be powered by the following providers:
Reference: https://docs.virustotal.com/reference/file-info
API-Key (required): GUARDIAN_VIRUS_TOTAL_KEY: <key>
Activation (default: false): GUARDIAN_VIRUS_CHECK_VIRUS_TOTAL: true|false
VirusTotal allows passing a hash (Guardian uses sha256) and returning a related report if one exists.
Guardian rates a URL "suspicious" if the statistic malicious is >1 or suspicious is >3.
This list showcases some of the rooms who use the Matrix Guardian 🛡️:
If you would like to add a room, please open an issue
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at https://mozilla.org/MPL/2.0/.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}