Who Can Upload Binaries
Until a robust malware scanner is approved, compiled binaries and archives are restricted to staff or approved developers and still require manual review.
Fail Closed
Files with unsupported extensions, MIME mismatch, risky double extensions, path traversal names, unsafe ZIP entries or excessive size are rejected.
Quarantine
Accepted binary-risk files are quarantined for staff review before downloads become available.
Hash And Audit
Every artifact stores SHA-256, declared MIME, detected MIME, size, state and audit metadata.
No Malware Guarantee
Structural checks reduce risk but do not prove a file is malware-free. Users must verify files before use.