Tiger_Media_Scan

@api

Tiger_Media_Scan — the upload scanning orchestrator.

Runs the config-gated pre-store scanners (virus, then AI image moderation) and reports a verdict the upload service acts on. Videos are handled asynchronously (they're stored in_review + private and a job is submitted; a webhook resolves them) — see videoReview().

Policy: an INFECTED / REJECTED verdict blocks the upload with a message. A scanner ERROR is fail-open (store, but leave scan_status = skipped and log) so a clamd/Rekognition hiccup can't halt all uploads; tighten per deploy if you need fail-closed.

All scanners default OFF (media.scan.*), so with nothing configured this is a no-op that returns {ok:true, status:'skipped'}.

Methods

preStore()

preStore(string $path, ?string $mime, string $kind): array

Pre-store verdict for a file.

  • $path string — the file on disk to scan
  • $mime ?string — the file's MIME type (may be null)
  • $kind string — the media kind (image/video/…) gating image moderation

Returns array — status:string, message:?string, meta:array}

videoReview()

videoReview(): bool

Should a video be held for async AI review (stored private + in_review)?

Returns bool — true when video review is configured on