
Perplexity Open Sources Bumblebee, a “Read-Only” Scanner for Dev Machines


Perplexity has open-sourced a new security tool called Bumblebee designed to scan developer computers for compromised software without triggering the malicious code. The free tool checks for infected software packages, malicious browser extensions, and vulnerable AI connector configurations by reading metadata instead of executing files. This “read-only” approach aims to prevent the automatic spread of supply-chain attacks, like a recent incident impacting over 160 packages used by millions.


Perplexity has released Bumblebee, a free, open-source security scanner. The tool checks developer machines for compromised software packages, malicious browser extensions, and vulnerable AI tool configurations without running the potentially infected code.


This method avoids a critical flaw in many security scanners. Most scanners work by invoking the software they are checking, which can accidentally trigger the attacks they are meant to detect.
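The read-only idea described above, sketched as an added example (this is not Bumblebee's code and does not come from Perplexity): installed npm packages are identified by parsing their `package.json` manifests as data, without importing them or invoking a package manager. The threat entries, package names, and function names are constructed for the illustration.

```python
import json
import os
import tempfile

# Constructed threat directory of (name, version) pairs; placeholders, not real indicators.
THREATS = {("example-bad-pkg", "1.2.3"), ("@example/evil-util", "0.9.1")}

def scan_manifests(root, threats=THREATS):
    """Report installed npm packages under root that match the threat directory.

    Manifests are opened and parsed as data only: nothing is imported or
    executed and no package manager is invoked, so install hooks never fire.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        if "package.json" not in files:
            continue
        manifest = os.path.join(dirpath, "package.json")
        try:
            with open(manifest, encoding="utf-8") as fh:
                meta = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it, never "repair" by running tools
        if not isinstance(meta, dict):
            continue
        name, version = meta.get("name"), meta.get("version")
        if isinstance(name, str) and isinstance(version, str) and (name, version) in threats:
            findings.append((name, version, os.path.relpath(manifest, root)))
    return sorted(findings)

def build_sample_tree(root):
    """Write a constructed node_modules tree: one listed package, two clean, one malformed."""
    samples = {
        "example-bad-pkg": '{"name": "example-bad-pkg", "version": "1.2.3", '
                           '"scripts": {"postinstall": "node setup.js"}}',
        "example-bad-pkg-old": '{"name": "example-bad-pkg", "version": "1.2.2"}',
        "left-ok": '{"name": "left-ok", "version": "2.0.0"}',
        "broken": '{"name": ',
    }
    for folder, text in samples.items():
        pkg_dir = os.path.join(root, "node_modules", folder)
        os.makedirs(pkg_dir)
        with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
            fh.write(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for name, version, path in scan_manifests(tmp):
            print(f"MATCH {name}@{version} in {path}")
```

The listed package declares a `postinstall` script, yet the scan still reports it without that script ever running, because the manifest is only read as JSON.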

The tool is the first open-source scanner to treat Model Context Protocol (MCP) configuration files as a security surface. These files are the connectors that give AI assistants like Claude access to emails, databases, and other sensitive services.

Perplexity has used Bumblebee internally to protect systems behind its search product and AI agents. The company stated, “Bumblebee started as an internal tool. Making Perplexity products more secure for users starts with protecting the developer systems we use to build them.”

The tool includes a built-in threat directory seeded from recent attacks, including a major campaign on May 11. In that incident, a hacker group called TeamPCP slipped malicious code into over 160 software packages, including tools from Mistral AI and UiPath.

Bumblebee is available on GitHub under the Apache 2.0 license. This allows anyone to use, modify, and distribute the tool without legal restrictions.
