Perplexity open-sources Bumblebee security scanner

Perplexity has released Bumblebee, an open-source security scanner for developer machines that helps detect risky packages and extensions.

Image: Perplexity

Perplexity is releasing Bumblebee, an open-source security scanner for developer machines, and making an internal supply-chain response tool publicly available. The tool is built for macOS and Linux and is designed to scan local developer environments for risky packages, browser extensions, editor extensions, and AI tool configurations without modifying the machine.

Bumblebee focuses on a specific security problem: when a new compromised package, extension, or developer tool risk appears, teams need to know which machines may be exposed right now. Instead of checking only shipped software via SBOMs or runtime behavior via EDR tools, Bumblebee reads local metadata from lockfiles, package manager records, extension manifests, and supported MCP configuration files. It then emits structured NDJSON records that security teams can compare against exposure catalogs.
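The matching step described above, written out as an added example that is not part of the article or the Bumblebee project: inventory records arrive as NDJSON (one JSON object per line), and a responder compares them against an exposure catalog to list which hosts hold a risky package or extension version. The record field names, the catalog layout and all sample values are constructed assumptions for this example, not Bumblebee's actual output schema.

```python
import json

# Constructed sample inventory in NDJSON form. The field names (host,
# ecosystem, name, version, source) are assumptions, not Bumblebee's schema.
SAMPLE_NDJSON = """\
{"host": "dev-laptop-01", "ecosystem": "npm", "name": "left-pad", "version": "1.3.0", "source": "/home/a/app/package-lock.json"}
{"host": "dev-laptop-01", "ecosystem": "pypi", "name": "requests", "version": "2.31.0", "source": "/home/a/.venv"}
{"host": "dev-laptop-02", "ecosystem": "vscode-extension", "name": "example.helper", "version": "0.4.2", "source": "~/.vscode/extensions"}
this line is not valid JSON and must be skipped rather than abort the run
{"host": "dev-laptop-02", "ecosystem": "npm", "name": "left-pad", "version": "1.2.0", "source": "/srv/app/package-lock.json"}
"""

# Constructed exposure catalog: (ecosystem, name) -> affected versions,
# where "*" means every version. Placeholder entries, not real advisories.
EXPOSURE_CATALOG = {
    ("npm", "left-pad"): {"1.3.0"},
    ("vscode-extension", "example.helper"): {"*"},
}


def parse_ndjson(text: str) -> list[dict]:
    """Return one dict per well-formed line; blank or malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # a bad line should not hide the rest of the inventory
        if isinstance(rec, dict):
            records.append(rec)
    return records


def find_exposed(text: str, catalog: dict) -> list[dict]:
    """Return records whose (ecosystem, name, version) matches the catalog."""
    hits = []
    for rec in parse_ndjson(text):
        affected = catalog.get((rec.get("ecosystem"), rec.get("name")))
        if affected and ("*" in affected or rec.get("version") in affected):
            hits.append(rec)
    return hits


def exposed_hosts(text: str, catalog: dict) -> dict[str, list[str]]:
    """Group matches by host so responders see which machines need attention."""
    by_host: dict[str, list[str]] = {}
    for rec in find_exposed(text, catalog):
        by_host.setdefault(rec["host"], []).append(f"{rec['name']}@{rec['version']}")
    return by_host
```

Matching here is by exact version or wildcard; a real catalog would usually carry version ranges, so a range comparison would replace the set lookup in `find_exposed`.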

The scanner covers common developer ecosystems, including:

  1. npm, pnpm, Yarn, Bun
  2. PyPI
  3. Go modules
  4. RubyGems
  5. Composer
  6. VS Code-family editor extensions such as Cursor, Windsurf, and VSCodium
  7. Chromium-family browser extensions
  8. Firefox extensions
  9. Several MCP host configuration files

It is distributed as a Go-based static binary with no non-standard-library dependencies, and its first tagged release is v0.1.1.

Perplexity is positioning Bumblebee as a read-only tool, meaning it does not run package managers such as npm, pip, or go commands, nor does it read source files. That matters because the target use case is fast detection of inventory and exposure across developer endpoints, not code auditing or malware removal. The tool supports baseline, project, and deep scan profiles, allowing security teams to run lightweight, recurring scans or broader incident-response checks when a known advisory is issued.

The release is aimed mainly at security engineers, DevSecOps teams, and organizations with developers working across many local tools and package ecosystems. Its value is clearest during supply-chain incidents, where response speed depends on quickly identifying which endpoints contain a specific risky package or extension version. For Perplexity, the move also supports its enterprise narrative around safer AI agent deployment, especially as tools like Computer become more deeply connected to developer and business workflows.
