Addressing the Developer Endpoint Blind Spot

Modern security tools like SBOMs and EDRs often fail to capture the state of local developer environments, where malicious packages, browser extensions, and AI tool configurations reside. Perplexity open-sourced Bumblebee to fill this gap by providing a read-only inventory collector for macOS and Linux endpoints. Unlike traditional scanners that might trigger postinstall scripts or other lifecycle hooks during an audit, Bumblebee is designed to be entirely passive—it never executes code, invokes package managers (like npm or pip), or monitors network traffic. This ensures that the act of scanning does not inadvertently trigger the very vulnerabilities it is designed to detect.

Scanning Capabilities and Workflow

Bumblebee is a one-shot scanner written in Go with no dependencies outside the Go standard library. It supports three distinct scan profiles that trade off speed against depth:

  • Baseline: Scans global package roots, language toolchains, editor extensions, browser extensions, and Model Context Protocol (MCP) configs.
  • Project: Targets specific development directories like ~/code or ~/src.
  • Deep: Performs a comprehensive sweep of operator-supplied roots, typically used during active incident response.

The tool parses metadata from a wide range of sources, including lockfiles (package-lock.json, go.sum), editor manifests (VS Code, Cursor, Windsurf), and various AI agent configuration files (e.g., mcp.json, claude_desktop_config.json). It outputs results in NDJSON format, assigning each finding a confidence score (high, medium, or low) that reflects how reliable its metadata source is. Security teams can supply their own JSON-based exposure catalogs to match against the scan results, so that when new threat intelligence is released, affected machines can be identified quickly without rescanning.
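As an added illustration of this workflow (example code written for this page, not Bumblebee's own), the Go program below reads a package-lock.json purely as data, emits lockfile-backed findings marked high confidence, and matches them against an operator-supplied exposure catalog. The finding fields and the catalog layout are assumptions made for the example.

```go
package main

import (
	"encoding/json"
	"sort"
	"strings"
)

// Finding is one NDJSON inventory record; field names are assumed here, not Bumblebee's schema.
type Finding struct {
	Name       string `json:"name"`
	Version    string `json:"version"`
	Source     string `json:"source"`     // metadata file the record came from
	Confidence string `json:"confidence"` // "high": the version is pinned in a lockfile
}

// Exposure is one entry of an operator-supplied catalog (assumed layout); Version "*" is a wildcard.
type Exposure struct{ Name, Version string }

// parseNpmLock reads a package-lock.json (lockfileVersion 2/3 "packages" map) as plain
// data: nothing is executed and npm is never invoked, so lifecycle hooks cannot fire.
func parseNpmLock(raw []byte, source string) ([]Finding, error) {
	var lock struct {
		Packages map[string]struct{ Version string } `json:"packages"`
	}
	if err := json.Unmarshal(raw, &lock); err != nil {
		return nil, err
	}
	var out []Finding
	for path, p := range lock.Packages { // key "" is the project itself: no node_modules/, skipped
		if i := strings.LastIndex(path, "node_modules/"); i >= 0 {
			out = append(out, Finding{path[i+len("node_modules/"):], p.Version, source, "high"})
		}
	}
	sort.Slice(out, func(a, b int) bool { return out[a].Name < out[b].Name })
	return out, nil
}

// matchCatalog returns findings whose name and version hit a catalog entry; a fresh
// catalog can thus be replayed against stored scan output without rescanning.
func matchCatalog(findings []Finding, catalog []Exposure) (hits []Finding) {
	for _, f := range findings {
		for _, e := range catalog {
			if f.Name == e.Name && (e.Version == "*" || e.Version == f.Version) {
				hits = append(hits, f)
			}
		}
	}
	return hits
}
```

Writing each Finding with json.NewEncoder(os.Stdout).Encode produces the one-object-per-line NDJSON output that a catalog match later consumes.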