Safety & cloud scan
Iris Code is MIT‑licensed and the source is all on GitHub. Because the v0.4.0 installer isn't code‑signed yet, this page gives you the tools to verify it yourself in under a minute — published SHA‑256 hashes plus a live VirusTotal cloud scan you can run on demand.
Run the scan yourself
VirusTotal scans the file with 70+ antivirus engines in the cloud. Each card below opens the live report for that exact installer — if anyone has previously scanned the same file, you'll see their verdict instantly; otherwise you can upload it for a fresh scan. The published verdict is whatever VirusTotal says when you click — we don't cache or summarize it here.
Iris-Code-Setup-0.4.0.exe
Click "Open live report" to see VirusTotal's current verdict for this exact file hash.
Iris-Code-Setup-0.4.0-ARM64.exe
Click "Open live report" to see VirusTotal's current verdict for this exact file hash.
If the report says "File not found"
It just means nobody has uploaded that exact build to VirusTotal yet. Upload the installer yourself in about 30 seconds — and the result becomes available to everyone after you:
A handful of generic heuristic flags on unsigned NSIS installers is normal — what matters is the absence of named malware signatures from major vendors (Microsoft, Kaspersky, BitDefender, ESET, etc.).
The Claude Code install prompt on the download page walks through this scan automatically — it queries the hash report before launching the installer.
Four reasons the installer is safe
Open source, MIT licensed
Every line of code that goes into the installer is on GitHub. Anyone can read it, fork it, audit it, or build their own bytewise‑identical installer from source.
SHA‑256 published
Each release lists a SHA‑256 hash for every artifact, both in latest.json and on this page. If a CDN ever served a tampered file, the hash would change.
VirusTotal cloud scan
The links above query the live report for each installer's SHA‑256 hash on virustotal.com — so the verdict is independently checkable by 70+ antivirus engines, not just our word.
No telemetry, no account
The app never phones home. Your Claude API key, your conversations, and your project files all stay on your machine — and the encrypted vault uses Windows DPAPI.
"But Windows SmartScreen still warns me…"
SmartScreen warns about any installer it hasn't seen many users run before — it's a reputation system, not a malware scanner. The v0.4.0 build isn't code‑signed yet (a Windows EV certificate costs $300+/year and we're holding off until v0.5), so it starts at zero reputation regardless of what's inside.
That's exactly why this page exists. The VirusTotal scans above are the real, content‑based verification — SmartScreen is just reputation.
Let Claude Code install & cloud‑scan in one step
The recommended install path on the download page hands the whole flow to a Claude Code session: it verifies the SHA‑256, runs the VirusTotal cloud scan, and only then launches the installer.
One prompt, three layers of safety — hash verification → cloud scan → visible installer UI.
Get the install prompt →Report it directly
If your antivirus flags the installer or a VirusTotal engine reports a real signature (not a generic heuristic), please file an issue immediately. We'll pull the build, investigate, and post a postmortem.