Create a ScanCode.io addon pipeline to run a clamav scan on a codebase

[pombredanne]

• This would expect that clamav is installed and in the path
• We should run clamscan on the extracted codebase
• If there are viruses detected, we should report an error message for the affected resource.
• At a later stage we could consolidate reporting with the vulnerabilities reporting