One-line: Pompelmi scans files for suspicious patterns (YARA rules, MIME heuristics, zip-bomb detection, basic static heuristics) and helps automate safe handling of incoming files in dev/CI workflows.
Why: I wanted a lightweight, opinionated scanner that’s easy to run locally or in CI (no cloud required) and that developers can extend with custom rules.
Features
YARA rules integration (bring your own rules)
MIME sniffing + file type checks
Zip/bomb heuristics and large archive protections
Pluggable heuristics engine + CLI + simple API
Quick to run locally and easy to wire into CI pipelines
MIT license
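The "zip/bomb heuristics" bullet covers checks like the one below. This is an added illustration, not pompelmi's own code: it reads only the zip central directory (declared sizes, entry names) so nothing is inflated, and flags extreme compression ratios, oversized declared totals, too many entries and nested archives; the thresholds and the build_zip fixture are assumptions chosen for the example.

```python
# Added example (not pompelmi's code): a zip-bomb heuristic that inspects the
# central directory only. Nothing is decompressed, so a hostile archive cannot
# exhaust memory or disk during the check. Thresholds are example assumptions.
import io
import zipfile

NESTED_SUFFIXES = (".zip", ".jar", ".7z", ".gz", ".tar", ".rar")


def assess_zip(data: bytes, max_ratio: float = 100.0,
               max_total: int = 64 * 1024 * 1024, max_entries: int = 10_000) -> dict:
    """Return a verdict: suspicious flag, reasons, and declared uncompressed total."""
    reasons = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return {"suspicious": True, "reasons": ["not-a-zip"], "total": 0}
    infos = zf.infolist()
    if len(infos) > max_entries:
        reasons.append("too-many-entries")
    total = 0
    for info in infos:
        total += info.file_size  # declared uncompressed size from the central directory
        if info.compress_size > 0 and info.file_size / info.compress_size > max_ratio:
            reasons.append(f"ratio:{info.filename}")
        if info.filename.lower().endswith(NESTED_SUFFIXES):
            reasons.append(f"nested:{info.filename}")  # candidate for recursive bombs
    if total > max_total:
        reasons.append("declared-total")
    return {"suspicious": bool(reasons), "reasons": reasons, "total": total}


def build_zip(files: dict) -> bytes:
    """Constructed test fixture: an in-memory DEFLATE zip from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in files.items():
            zf.writestr(name, content)
    return buf.getvalue()


if __name__ == "__main__":
    benign = build_zip({"notes.txt": b"hello from a normal archive"})
    # 8 MiB of zeros deflates to a few KB: ratio far above 100, plus a nested archive.
    bomb = build_zip({"zeros.bin": b"\0" * (8 * 1024 * 1024), "inner.zip": b"PK"})
    print(assess_zip(benign))
    print(assess_zip(bomb))
```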
Quick try (from source)
git clone https://github.com/pompelmi/pompelmi
cd pompelmi
# install with your preferred package manager (npm / pnpm / yarn)
npm install
# see README for examples; test a file with the CLI or run the example scanner
Repo / docs: https://github.com/pompelmi/pompelmi
I’m especially interested in feedback on rule UX (how users add/share YARA rules), CI integration examples, and any missing checks you’d expect from a lightweight scanner. Thanks — happy to answer questions and iterate on PRs. — Tommy (JustSouichi)