Perplexity Open-Sources Bumblebee: A Read-Only Supply-Chain Scanner for Developer Endpoints


By Asif Razzaq
Publication Date: 2026-05-23 08:17:00

Attackers increasingly target the packages, editor extensions, and AI tool configs on developer machines, not just production systems. Perplexity has open-sourced an internal tool it uses to address this problem.

Perplexity released Bumblebee on GitHub. The tool is a read-only inventory collector for macOS and Linux developer endpoints. It is written entirely in Go and carries zero non-stdlib dependencies. Perplexity already uses it internally to protect developer systems behind its search product, Comet browser, and Computer agent.

The Problem Bumblebee Solves

If you are a software engineer or data scientist, you likely have dozens of packages installed locally. You have editor extensions, browser add-ons, and possibly MCP (Model Context Protocol) configs on your machine. When a new vulnerability surfaces, your security team faces one urgent question: which developer machines are exposed right now?

Existing tools do not fully answer this. SBOMs (Software Bills of Materials) and vulnerability scanners cover build artifacts and repositories. EDR (Endpoint Detection and Response) products track what processes ran or touched the network. Neither checks local developer state — lockfiles, package metadata, extension manifests, and AI tool configs scattered across a laptop’s filesystem.

Bumblebee fills that gap. When an advisory names a package, extension, or version, it answers which machines show a match in their on-disk metadata right…
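As an added example (this is not Bumblebee's code and does not describe its internals), here is a Go sketch of the read-only collect-and-match step the article describes: pull name/version records out of an npm lockfile found on a machine, then answer which of them an advisory's name plus first-fixed-version flags. The lockfile contents, package names and advisories are all constructed for the example. The pre-release and unparseable-version cases are included because they are two places where a naive string comparison of versions would give a wrong answer, and a collector that silently drops what it cannot order would report a host as clean when it is really unknown.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"
)

// Component is one item read from on-disk metadata; Advisory is a package plus its first fixed version.
type Component struct{ Ecosystem, Name, Version, Source string }
type Advisory struct{ Ecosystem, Name, FixedIn string }

// ParseNpmLock extracts name/version pairs from package-lock.json bytes (lockfileVersion 2/3,
// "packages" keyed by install path). It only reads; encoding/json matches field names case-insensitively.
func ParseNpmLock(source string, data []byte) ([]Component, error) {
	var lock struct{ Packages map[string]struct{ Version string } }
	if err := json.Unmarshal(data, &lock); err != nil {
		return nil, fmt.Errorf("%s: %w", source, err)
	}
	var out []Component
	for p, pkg := range lock.Packages { // key "" is the root project and has no node_modules/ segment
		if i := strings.LastIndex(p, "node_modules/"); i >= 0 { // nested installs resolve to the last segment
			out = append(out, Component{"npm", p[i+len("node_modules/"):], pkg.Version, source})
		}
	}
	return out, nil
}

// parseSemver returns the numeric core of "v1.2.3-rc1+build" and whether a pre-release suffix was
// present; ok is false unless the string is MAJOR.MINOR.PATCH.
func parseSemver(v string) (core [3]int, pre, ok bool) {
	v, _, _ = strings.Cut(strings.TrimPrefix(v, "v"), "+") // build metadata never affects ordering
	v, _, pre = strings.Cut(v, "-")
	parts := strings.Split(v, ".")
	ok = len(parts) == 3
	for i := 0; ok && i < 3; i++ {
		n, err := strconv.Atoi(parts[i])
		core[i], ok = n, err == nil && n >= 0
	}
	return core, pre, ok
}

// VersionLess reports whether a sorts before b. A pre-release sorts before the release with the
// same core, so "3.0.0-beta.2" is still affected by a fix that shipped in "3.0.0".
func VersionLess(a, b string) (bool, error) {
	ca, pa, okA := parseSemver(a)
	cb, pb, okB := parseSemver(b)
	if !okA || !okB {
		return false, fmt.Errorf("cannot order %q against %q", a, b)
	}
	for i := range ca {
		if ca[i] != cb[i] {
			return ca[i] < cb[i], nil
		}
	}
	return pa && !pb, nil
}

// Match returns every component an advisory flags. Versions that cannot be ordered are
// reported separately, not skipped: "unknown" must never be read as "clean".
func Match(comps []Component, advs []Advisory) (hits []Component, unresolved []error) {
	for _, c := range comps {
		for _, a := range advs {
			if c.Ecosystem != a.Ecosystem || c.Name != a.Name {
				continue
			}
			if affected, err := VersionLess(c.Version, a.FixedIn); err != nil {
				unresolved = append(unresolved, err)
			} else if affected {
				hits = append(hits, c)
			}
		}
	}
	return hits, unresolved
}

// Constructed lockfile and advisories: the package names, versions and advisories are made up.
const sampleLock = `{"lockfileVersion": 3, "packages": {"": {"name": "demo-app", "version": "0.1.0"},
  "node_modules/acme-logger": {"version": "2.3.1"},
  "node_modules/acme-utils/node_modules/acme-logger": {"version": "2.4.0"},
  "node_modules/acme-cli": {"version": "3.0.0-beta.2"},
  "node_modules/acme-legacy": {"version": "latest"}}}`

var sampleAdvisories = []Advisory{
	{"npm", "acme-logger", "2.4.0"},
	{"npm", "acme-cli", "3.0.0"},
	{"npm", "acme-legacy", "0.9.0"},
}

// ScanSample runs the collector over the embedded sample and returns affected components.
func ScanSample() ([]Component, []error, error) {
	comps, err := ParseNpmLock("demo-app/package-lock.json", []byte(sampleLock))
	if err != nil {
		return nil, nil, err
	}
	hits, unresolved := Match(comps, sampleAdvisories)
	return hits, unresolved, nil
}

func main() {
	hits, unresolved, err := ScanSample()
	fmt.Println("affected:", hits, "\nunresolved:", unresolved, "\nerror:", err)
}
```

On the constructed input, the top-level acme-logger 2.3.1 and the pre-release acme-cli build are reported as affected, the nested acme-logger 2.4.0 is not (it already carries the fix), and acme-legacy's "latest" lands in the unresolved list for a human to look at. A real collector would feed ParseNpmLock from the lockfiles it finds on disk and add parsers for the other metadata the article lists (extension manifests, MCP configs); the matching step stays the same.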