Perplexity open-sourced Bumblebee on May 22, 2026, a read-only supply-chain scanner for macOS and Linux developer machines. The Go-based tool inventories packages, browser extensions, and AI tool configs to surface compromised dependencies the moment a new advisory drops, and it ships under Apache 2.0 with zero non-stdlib dependencies.
Try it: scan your dev machine in under a minute
Install the binary with go install github.com/perplexityai/bumblebee/cmd/bumblebee@latest (requires Go 1.25+). The baseline scan emits an NDJSON inventory you can grep, diff, or pipe into a SIEM:
bumblebee scan --profile baseline > inventory.ndjson
When the next npm or PyPI advisory lands, pivot to the deep profile against your home directory with an exposure catalog of bad versions, and Bumblebee will tell you in minutes whether your Cursor, Claude Code, Windsurf, or VSCodium box is touching the bad release. It never executes install scripts and never calls a package manager, so the scan itself can't be weaponized.
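The baseline-then-catalog workflow above, as an added example that is not part of Bumblebee: it parses an NDJSON inventory, flags entries whose exact version appears in an exposure catalog, and diffs two inventories so a weekly baseline shows what changed. The field names (ecosystem, name, version, path) and the catalog layout are assumptions for illustration, not Bumblebee's real schema, and the inventory lines are constructed samples.

```python
import json

# Constructed sample inventory. The keys ecosystem/name/version/path are an
# ASSUMED schema for this example, not Bumblebee's actual NDJSON output.
INVENTORY_NDJSON = """\
{"ecosystem": "npm", "name": "left-pad", "version": "1.3.0", "path": "/home/dev/app/node_modules/left-pad"}
{"ecosystem": "npm", "name": "chalk", "version": "5.3.0", "path": "/home/dev/app/node_modules/chalk"}
{"ecosystem": "pypi", "name": "requests", "version": "2.32.3", "path": "/home/dev/venv/lib/python3.12/site-packages/requests"}
{"ecosystem": "vscode-extension", "name": "publisher.tool", "version": "0.4.1", "path": "/home/dev/.vscode/extensions/publisher.tool-0.4.1"}
"""

# Constructed exposure catalog: (ecosystem, package) -> set of advisory-affected
# versions. Match on exact version strings so a patched release never trips it.
EXPOSURE_CATALOG = {
    ("npm", "chalk"): {"5.3.0", "5.3.1"},
    ("pypi", "requests"): {"2.31.0"},
}


def parse_inventory(ndjson_text):
    """Parse NDJSON into a list of dicts, one per installed artifact; blank lines are skipped."""
    return [json.loads(line) for line in ndjson_text.splitlines() if line.strip()]


def match_exposure(inventory, catalog):
    """Return inventory entries whose installed version is listed as affected in the catalog."""
    return [
        entry for entry in inventory
        if entry["version"] in catalog.get((entry["ecosystem"], entry["name"]), set())
    ]


def diff_inventories(old, new):
    """Return entries in the new inventory that are absent from the old one or changed version.

    Keyed on (ecosystem, name, path) so the same package installed in two
    projects is tracked separately.
    """
    old_versions = {(e["ecosystem"], e["name"], e["path"]): e["version"] for e in old}
    return [
        e for e in new
        if old_versions.get((e["ecosystem"], e["name"], e["path"])) != e["version"]
    ]


if __name__ == "__main__":
    inv = parse_inventory(INVENTORY_NDJSON)
    for hit in match_exposure(inv, EXPOSURE_CATALOG):
        print(f"EXPOSED {hit['ecosystem']}:{hit['name']}@{hit['version']} at {hit['path']}")
```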
Why it matters
The May 18 mini Shai-Hulud npm attack hit AI coding agents hard, and the standard incident response (check every machine, every IDE, every MCP config) was still mostly a manual scramble. Bumblebee turns that scramble into one command. Perplexity already uses it internally to protect machines behind Comet browser and the Computer agent, and the read-only design means security teams can roll it out to every developer endpoint without breaking dev environments.
Key details
Coverage is broad for an initial release: npm (including pnpm, Yarn, and Bun lockfiles), PyPI, Go modules, RubyGems, Composer, MCP server JSON configs, editor extensions for VS Code/Cursor/Windsurf/VSCodium, and Chromium and Firefox browser extension manifests. Three scan profiles ship out of the box: baseline (lightweight, recurring inventory), project (scoped to one or more code roots), and deep (on-demand with an exposure catalog). MarkTechPost's write-up confirms Bumblebee can connect to Perplexity Computer so deeper scans fire automatically when a new supply-chain risk surfaces.
What to do next
Install Bumblebee on every machine that runs a coding agent or an MCP server. Schedule the baseline profile in cron or launchd weekly, and keep an exposure catalog file ready so the deep profile is one command away during an incident. If you also use the Sieve API key scanner, the two tools complement each other: Sieve catches leaked credentials, Bumblebee catches compromised supply chains. Together they cover the two attack paths most likely to hit AI-assisted developers right now.