Skip to main content
Security

Every Plugin Scanned for Malware

VirusTotal v3 multi-engine scanning on every plugin version. See the results before you install.

The trust question with GPL plugins

GPL plugins save serious money. A plugin that costs $199/year on the developer's site can be legally redistributed under the GPL license for a fraction of the price. The code is identical. The license allows it.

But there is always a question in the back of your mind: are the files clean? Most GPL distribution sites offer no verification at all. You download a zip file and hope for the best. Manual scanning is tedious, especially when you are installing dozens of plugins across multiple sites.

Zeebrar removes the guesswork. Every plugin version in the catalog is scanned with VirusTotal v3 before it becomes available. The scan results are visible on the plugin page so you can verify before you install.

How It Works

Scanned before you see it

Step 01

Every Version Is Submitted to VirusTotal

When a new plugin version enters the Zeebrar catalog, it is automatically submitted to VirusTotal v3 for analysis. This happens before it becomes available for installation.

Step 02

Multi-Engine Analysis Runs

VirusTotal checks the plugin files against 70+ antivirus engines simultaneously. This is not a single scanner with blind spots. It is the same service used by security professionals worldwide.

Step 03

Results Displayed on the Plugin Page

Scan results are shown directly on each plugin page before you install. You can see exactly how many engines flagged the file and make your own decision.

Benefits

Security you can actually see

Multi-Engine Scanning

A single antivirus engine misses things. VirusTotal runs your file through 70+ engines at once, catching threats that any individual scanner would overlook.

Scan Results Before You Install

You do not have to trust blindly. Every plugin page shows the scan status so you can check before clicking install.

Continuous Catalog Rescanning

Scan results are not a one-time check. The catalog is rescanned periodically so that newly discovered threats are caught even in plugins that were previously clean.

Trust Signal for GPL Plugin Users

GPL plugins are a great way to save money, but trust is essential. Visible scan results give you confidence that the files have been verified by independent security engines.

Clean File Guarantee

If a plugin version is flagged by multiple engines, it is marked clearly on the catalog. You will never accidentally install a file that failed its security scan.

Same Pipeline Powers GPL Coffee

All plugins available through gplcoffee.dev are verified through this same scanning pipeline. One security standard across both platforms.

FAQ

Common questions

What is VirusTotal and why does it matter?
VirusTotal is a free service owned by Google that analyzes files using over 70 antivirus engines simultaneously. Instead of relying on one scanner, it aggregates results from dozens of independent security companies. A clean result from VirusTotal means the file passed scrutiny from the broadest possible range of threat detection systems.
What happens if malware is found in a plugin?
If a plugin version is flagged by multiple VirusTotal engines, it is marked on the plugin page with a warning. Depending on the severity, the version may be pulled from the catalog entirely. Existing installs are not automatically removed from your site, but you will see an alert on your dashboard recommending that you replace or remove the affected version.
Are GPL plugins safe to use?
GPL plugins are identical in code to their premium counterparts. The GPL license requires that the source code be freely redistributable. The risk is not in the license itself, but in where you download them. Unverified sources may inject malicious code. Zeebrar addresses this by scanning every version with VirusTotal before making it available.
How often are plugins rescanned?
New versions are scanned on upload. The existing catalog is rescanned periodically to catch newly identified threats. Antivirus engines update their definitions constantly, so a file that was clean last month could be flagged today if a new threat signature matches.
Can I see the full VirusTotal report?
The plugin page shows a summary of the scan results, including how many engines were used and whether any flagged the file. For the full detailed report, a link to the VirusTotal analysis page is provided where available.

Download plugins you can trust

Every version scanned. Every result visible. No guesswork.

See PricingBrowse Plugins