medusa  by Pantheon-Security

AI-first security scanner for AI/ML and LLM applications

Created 6 months ago
575 stars

Top 55.8% on SourcePulse

Project Summary

MEDUSA is an AI-first security scanner addressing vulnerabilities in AI/ML applications, LLM agents, and traditional codebases. It provides extensive detection for AI supply chain attacks, repo poisoning, and over 200 CVEs, offering immediate value to developers and security engineers without complex setup.

How It Works

This tool employs an AI-first approach, integrating over 9,600 specialized detection patterns for AI/ML, LLM agents, and MCP servers alongside traditional SAST capabilities. It operates directly after a simple pip install, eliminating external tool dependencies. Core functionalities leverage parallel processing and smart caching for rapid scanning, supporting 79 distinct scanner types across numerous languages and file formats.

Quick Start & Requirements

Installation is straightforward via pip: pip install medusa-security. The tool is cross-platform (Windows, macOS, Linux) and requires Python 3.10+. It emphasizes zero setup for core scanning, with optional AI tools installable via medusa install --ai-tools. External linters are auto-detected if present. Official documentation is available at https://docs.pantheonsecurity.io.

Highlighted Details

  • AI Supply Chain Security: Detects repo poisoning via weaponized AI editor configurations across 28+ file types and offers dedicated scanning for GitHub repositories using medusa scan --git <URL>.
  • Broad CVE Coverage: Includes detection for over 200 critical vulnerabilities such as Log4Shell, Spring4Shell, XZ Utils backdoor, and AI-specific exploits like LangChain RCE and React2Shell.
  • Extensive AI Pattern Library: Features 9,600+ patterns covering prompt injection, MCP server security, RAG security, agent security, and model security, aligned with OWASP Top 10 for LLM Applications 2025.
  • Performance Optimizations: Utilizes multi-core parallel processing for significant speedups and smart caching for near-instantaneous rescans of unchanged files.
  • IDE Integration: Native support for Claude Code, Cursor, VS Code, Gemini CLI, and OpenAI Codex, enhancing developer workflow.
  • Multi-Format Reporting: Generates reports in JSON, HTML, Markdown, and SARIF formats for diverse integration needs.

Maintenance & Community

Developed by Pantheon Security with AI assistance from Claude AI. The project is under active feature development, with upcoming offerings such as MEDUSA Professional and a VS Code Extension. Community support is planned via Discord ("coming soon"), and GitHub Issues is available for bug reports and feature requests.

Licensing & Compatibility

MEDUSA is licensed under AGPL-3.0-or-later. This license mandates that any modifications or derivative works, including SaaS deployments, must also be released under the AGPL-3.0. Commercial licensing options are available by contacting support@pantheonsecurity.io.

Limitations & Caveats

The open-source version focuses exclusively on static analysis; real-time runtime protection for production LLM applications is a feature of the forthcoming MEDUSA Professional product. While external linters are auto-detected, their installation and configuration remain the user's responsibility.

Health Check

  • Last Commit: 2 days ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 2
  • Issues (30d): 0
  • Star History: 324 stars in the last 30 days
