add virustotal scan to CI release workflow

.github/workflows/release.yml

@@ -410,14 +410,34 @@ jobs:
           rm -v release/._ArduinoCreateAgent*.dmg
           mv -v ArduinoCreateAgent-windows*/* release/
 
+      - name: VirusTotal Scan
+        id: virustotal_step
+        uses: crazy-max/ghaction-virustotal@v2
+        with:
+          vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          update_release_body: false # `true` won't work becasue trigger type is not release
+          files: |
+            release/*.exe
+            arduino-create-agent-windows-2019-386/arduino-create-agent.exe
+            arduino-create-agent-windows-2019-amd64/arduino-create-agent.exe
+
+      - name: Organize release body message #use sed to clean and format the output markdown style
+        id: release_body
+        run: |
+          vt_title="## VirusTotal analysis 🛡: %0A"
+          vt_links="$(echo ${{ steps.virustotal_step.outputs.analysis}} | sed 's/release\///g' | sed 's/,/\n/g' | sed 's/^/- [/' | sed 's/=/](/' | sed 's/$/)/')"
+          vt_links="${vt_links//$'\n'/'%0A'}" # replace \n with a special character -> generates a single lines, \n will be reintroduced later
+          echo "::set-output name=RBODY::$vt_title$vt_links"
+
       - name: Create Github Release
         uses: actions/create-release@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           tag_name: ${{ github.ref }}
           release_name: ${{ github.ref }}
-          body: ""
+          body: ${{ steps.release_body.outputs.RBODY}}
           draft: false
           prerelease: ${{ steps.prerelease.outputs.IS_PRE }}