Tools
Pantheon-Security/medusa: An AI-First Scanner With 79 Analyzers and Repo-Poisoning Detection for Agents and MCP
medusa is a Python AI-first security scanner with 79 analyzers, 40,000+ detection rules and dedicated repo-poisoning detection for AI/ML code, LLM agents and MCP servers, runnable against any GitHub repo via 'medusa scan --git user/repo.' It sits at ~595 stars. The explicit focus on repo/supply-chain poisoning of agent code addresses a threat vector that generic SAST tools largely miss, making it relevant to anyone installing third-party skills or MCP servers.
Source
↳ Follow the thread