How to Scan a File for Viruses in Power Automate
If security policies at the network edge are judicious enough, we shouldn’t have to worry about files containing viruses & malware lying around in our file system.
Unfortunately, however, virus scanning is never a perfect science. Threatening files can (and do) slip through the cracks, navigating their way to sensitive internal storage locations where we might accidentally access them or send them to someone else from our network. Redundancy in virus scanning goes a long way to mitigating this issue, especially at natural chokepoints in our file processing systems.
Since Power Automate is a platform chiefly used for processing & modifying files from around our various file systems, it’s also a great place to implement additional virus scanning policies. Checking files for threats in Power Automate can’t hurt — and it’s especially sensible if we’re building flows that share files outside our network.
In this quick demonstration, we’ll learn how to scan files for over 17 million virus & malware threats using the Cloudmersive Virus Scan connector in Power Automate. In my example, I’ll scan a PDF document before emailing that document to a “client”. We’ll use an instant cloud flow in this context so we can have full control over our data.
We’ll start by getting the file for our virus scanning test. To do that, we’ll use a Get file content action (this action is available for both SharePoint and OneDrive connectors).
Next, we’ll search for our Cloudmersive Virus Scan connector action. To find it, we’ll type “Cloudmersive” into the connector search bar and scroll down until we see the Virus Scan connector with the dark blue logo (at the bottom).
The Virus Scan connector actions list only contains two actions, and we can see both of them right away. We’ll select the Scan a file for viruses action from here.
Once we do that, we’ll need to create our Cloudmersive Virus Scan connection. We’ll need a free Cloudmersive API key for that, and we can get one by visiting the Cloudmersive website & creating a free account.
After we’ve created and authorize our connection, we’ll configure our virus scanning request by adding our file content in the Input File field.
If we were to run this flow right now, we’d receive a CleanResult: true or CleanResult: false response for the file we selected in our flow. As we might expect, true responses indicate a clean file, and false responses indicate a malicious file.
We’ll use these responses to determine whether our PDF should be sent out to a client in a subsequent email. Specifically, we’ll create a Condition control that only emails the file if it receives a true response from the Virus Scan connector. We’ll configure our Condition by setting the body/CleanResult value to “true” (note — the “t” in “true” must be lowercase as shown in my example to match the API response).
Finally, within the True branch of our Condition, we’ll add an action that emails our PDF to a recipient. In my example test case, I’ll simply email the document to myself using the Send an email (V2) action.
We’ll now save and test our flow. Once our test finishes running, we can open our Scan a file for viruses action to review the output.
In my example, my test file received a CleanResult: true response, and this triggered the True branch of my condition to send an email with my target recipient.
And just like that, we’ve added a nice layer of additional virus scanning security to one of our outbound file-emailing workflows. It can’t hurt!
