Let’s be honest. If you're a software engineer or a data scientist, your laptop is a beautiful, chaotic mess of tools and code. You've got dozens of packages installed locally, a custom-tuned editor with more extensions than you can count, browser add-ons, and probably a few AI tool configs scattered around. It’s your digital workshop, perfectly set up for you.
But for a security team, it’s a black box.
Imagine this: a major vulnerability drops for a popular npm package. Your CISO gets the alert and immediately asks, "Are we exposed?" The security team can scan production servers and check code repositories, but they have one massive blind spot: your laptop. And yours, and the one next to you. They have no easy way of knowing if that vulnerable package is sitting right there in one of your project folders.
This is the exact problem Perplexity set out to solve with an internal tool they’ve now generously open-sourced. It’s called Bumblebee, and it’s the simple, smart solution to a problem that’s been bugging security and dev teams for years.
So, What’s the Big Disconnect?
You might be thinking, "Don't we already have tools for this?" And you're right, we do. But they all miss the mark in this specific scenario.
Think about it. We have SBOMs (Software Bills of Materials) and vulnerability scanners, but they mostly focus on what’s in our code repositories or what gets built into the final product. They don’t really care about the node_modules folder for that side-project you cloned two months ago.
Then you have EDR (Endpoint Detection and Response) tools. These are great at watching what processes are running or what’s talking to the network. They're like security guards watching the doors and hallways. But they aren't designed to peek inside all the boxes (your project folders) to see what’s stored there.
Bumblebee is designed to fill that exact gap. It doesn’t watch processes or scan build artifacts. It just looks at the state of your local developer environment—the lockfiles, the package metadata, the extension manifests—and answers one simple question: "Does this vulnerable thing exist on this machine right now?"
How Bumblebee Works Its Magic (Without Breaking Anything)
Here’s the part I really love. Bumblebee is a "one-shot" scanner. It’s not a constantly-running agent that drains your battery. You (or your IT team) run it, it does a single, quick scan of your machine, spits out its findings, and then it’s done. Simple.
It’s written in Go and, get this, has zero dependencies outside of the standard library. For a tool whose whole job is hunting supply-chain exposure, that matters: there is no third-party dependency tree of its own to audit or to get compromised, and it compiles to a single static binary that is easy to push to every developer machine.
Your team can set it up to run on a schedule using whatever they prefer—cron, launchd, you name it. When it runs, it generates a clean, structured log of what it found in a format called NDJSON (newline-delimited JSON: one JSON object per line, which makes the output trivial to grep, tail, or ship into a SIEM).
Bumblebee has three main ways it can scan your machine:
- Baseline Scan: This is the quick check-up. It looks in all the usual places: global package folders, language toolchain directories, and common spots for editor and browser extensions.
- Project Scan: This one is more focused. You can tell it to look inside specific development directories, like ~/code or ~/projects, where you keep all your work.
- Deep Scan: This is the "we have a problem" mode. During an active incident, a security team can tell it to scan your entire home directory to find any trace of a threat.
At Perplexity, they’ve built a neat workflow around this. When a threat is identified, they update a catalog file, a human reviews it, and then Bumblebee runs across all developer machines to check for matches. It’s a fast, efficient way to go from alert to action.
What’s It Actually Looking For?
Bumblebee has its eyes on four key areas that are often treated separately by other tools.
- Language Packages: This is the big one. It looks for packages from npm, pnpm, Yarn, Bun, PyPI, Go, RubyGems, and Composer. It does this by reading the metadata directly from files like package-lock.json or go.sum.
- AI Agent Configs: As we use more AI tools, their configurations become a potential attack vector. Bumblebee checks for JSON config files from tools like Gemini CLI and others that follow the Model Context Protocol (MCP).
- Editor Extensions: Your code editor is your home, but extensions can be a backdoor. Bumblebee reads the manifests from VS Code, Cursor, and other VS Code-family editors.
- Browser Extensions: It also checks your browser extensions for Chrome, Edge, Brave, Arc, Firefox, and other Chromium-based browsers.
Basically, it covers the full stack of a modern developer's toolkit.
Why "Read-Only" Is the Most Important Feature
This might be the most brilliant part of Bumblebee's design. It is strictly read-only.
Have you ever thought about lifecycle scripts in npm? When you run npm install, a package's preinstall or postinstall script can execute arbitrary code on your machine, with your user's privileges. Now imagine a vulnerability scanner that, in order to check whether you have a bad package, runs npm install in each project it finds. It could literally trigger the very attack it’s trying to detect!
Bumblebee sidesteps this entire mess. It never invokes package managers like npm or pip. It never runs install scripts. It just reads the text-based metadata files that are already on your disk. It’s not an EDR, so it doesn’t monitor your network or processes. It’s like a librarian who can tell you what books are on the shelf just by looking at the card catalog, without ever needing to open a single one.
This makes it incredibly safe to run.
Understanding the Output
When Bumblebee finds something, it doesn't just say "found it!" It gives you context. Each record includes the package name, version, and where it was found. It also includes a "confidence" score.
- High confidence means it found a perfect match in a canonical metadata file.
- Medium confidence means the identity is solid, but maybe the version info was partial.
- Low confidence means it found a reference, but couldn't confirm the exact version.
Security teams provide their own "exposure catalogs"—simple JSON files that list known bad packages and versions. When Bumblebee finds a match against this catalog, it flags it as a finding, making it super easy for the security team to see what matters.
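Here is how the pieces above fit together in code: reading a lockfile as plain text, matching it against an exposure catalog, scoring confidence, and emitting NDJSON. This is an added example written for this article, not Bumblebee's own code. The catalog schema, the record fields, the confidence rules, the sample lockfile and catalog, and the file path are all constructed for illustration and may differ from Bumblebee's real formats; it also covers only npm's package-lock.json, where the real tool covers many ecosystems.

```go
package main

import (
	"encoding/json"
	"fmt"
	"slices"
	"strings"
)

// CatalogEntry is one row of an assumed exposure catalog (this example's own
// field names, not Bumblebee's format): a package and its affected versions.
type CatalogEntry struct {
	Ecosystem string   `json:"ecosystem"`
	Name      string   `json:"name"`
	Versions  []string `json:"versions"`
}

// Finding is one NDJSON record; match sets Confidence on the catalog hits.
type Finding struct {
	Ecosystem  string `json:"ecosystem"`
	Name       string `json:"name"`
	Version    string `json:"version,omitempty"`
	Path       string `json:"path"`
	Confidence string `json:"confidence,omitempty"`
}

// npmLock is the slice of package-lock.json (lockfileVersion 2 and 3) we read.
type npmLock struct {
	Packages map[string]struct {
		Version string `json:"version"`
	} `json:"packages"`
}

// Constructed fixtures, not real packages or advisories; "unversioned-pkg" has no version.
const sampleLock = `{"name": "side-project", "lockfileVersion": 3, "packages": {
  "": {"name": "side-project"}, "node_modules/example-pkg": {"version": "1.2.3"},
  "node_modules/@acme/widget": {"version": "4.0.0"}, "node_modules/unversioned-pkg": {}}}`
const sampleCatalog = `[
  {"ecosystem": "npm", "name": "example-pkg", "versions": ["1.2.3", "1.2.4"]},
  {"ecosystem": "npm", "name": "@acme/widget", "versions": ["3.9.0"]},
  {"ecosystem": "npm", "name": "unversioned-pkg", "versions": ["0.1.0"]}]`

// parseNpmLock recovers package identities from lockfile bytes. It is pure
// parsing: npm is never invoked, so no install or postinstall script can run.
func parseNpmLock(path string, data []byte) ([]Finding, error) {
	var lock npmLock
	if err := json.Unmarshal(data, &lock); err != nil {
		return nil, fmt.Errorf("%s: %w", path, err)
	}
	var seen []Finding
	for key, pkg := range lock.Packages {
		// Keys look like "node_modules/<name>" (nested: "a/node_modules/b"); "" is the project itself.
		if i := strings.LastIndex(key, "node_modules/"); i >= 0 {
			seen = append(seen, Finding{Ecosystem: "npm", Name: key[i+len("node_modules/"):], Version: pkg.Version, Path: path})
		}
	}
	return seen, nil
}

// match keeps only catalog hits and scores them: exact name+version is "high"; a name
// hit with no recorded version is "low" (unconfirmed); an unlisted version is dropped.
func match(seen []Finding, catalog []CatalogEntry) []Finding {
	var findings []Finding
	for _, f := range seen {
		for _, e := range catalog {
			if e.Ecosystem != f.Ecosystem || e.Name != f.Name {
				continue
			}
			if f.Version == "" {
				f.Confidence = "low"
			} else if slices.Contains(e.Versions, f.Version) {
				f.Confidence = "high"
			} else {
				continue
			}
			findings = append(findings, f)
		}
	}
	return findings
}

// toNDJSON renders one JSON object per line, the stream format the post describes.
func toNDJSON(findings []Finding) string {
	var sb strings.Builder
	for _, f := range findings {
		line, _ := json.Marshal(f) // cannot fail for a struct of plain strings
		sb.Write(append(line, '\n'))
	}
	return sb.String()
}

func main() {
	var catalog []CatalogEntry
	if err := json.Unmarshal([]byte(sampleCatalog), &catalog); err != nil {
		panic(err)
	}
	// A real scan walks ~/code for lockfiles; this path is a constructed stand-in.
	seen, err := parseNpmLock("/home/dev/code/side-project/package-lock.json", []byte(sampleLock))
	if err != nil {
		panic(err)
	}
	fmt.Print(toNDJSON(match(seen, catalog)))
}
```

Run it with go run and you get one JSON object per line on stdout, one per catalog hit. The @acme/widget entry produces nothing because the version found on disk is not one the catalog lists, which is exactly the noise a version-aware match avoids. Note what the code never does: it never shells out to npm, so a malicious postinstall in the project being scanned cannot fire.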
Want to Kick the Tires?
Getting started is refreshingly simple. If you have Go (version 1.25 or later) installed, it's a one-liner:
go install github.com/perplexityai/bumblebee/cmd/bumblebee@latest
After that, you can run bumblebee selftest to make sure everything is working correctly. The whole thing is open-sourced under the Apache 2.0 license, so you can freely use it, inspect it, and contribute to it.
It's a small, focused tool that does one job and does it incredibly well. It fills a dangerous blind spot in a way that’s safe for developers and incredibly useful for security teams. In a world where supply-chain attacks are increasingly targeting developers directly, a tool like Bumblebee feels less like a nice-to-have and more like a necessity. It’s great to see Perplexity sharing it with the rest of us.