MEDUSA detects prompt injection, MCP (Model Context Protocol) vulnerabilities, RAG (retrieval-augmented generation) poisoning, agent attacks, and 200 CVEs across your AI/ML stack. 514 false positive filters for 96.8% FP reduction. Free and open source.
pip install medusa-security && medusa scan .
Run one command. Get a full AI security audit across 79 scanners in seconds.
LLM agents, MCP servers, and RAG pipelines introduce attack surfaces that traditional scanners miss
Prompt injection, jailbreaking, and tool poisoning can hijack your AI agents. CVE-2025-6514 proved MCP servers are already being exploited. Traditional SAST tools don't detect these attack vectors.
RAG poisoning, dataset injection, and model extraction attacks happen before your code even runs. Your training data, embeddings, and knowledge bases can all be vectors for adversarial content.
MCP, UCP, AP2, and ACP — the emerging agent-communication protocols — are powerful but introduce discovery endpoint attacks, credential smuggling, and cross-tool exploitation. These protocols need security scanning from day one.
79 scanners, 40,000+ detection patterns, and 514 FP filters covering the entire AI security landscape
Industry-leading coverage for prompt injection, jailbreaking, MCP tool poisoning, RAG security, agent memory attacks, supply chain risks, and traditional SAST. 514 false positive filters ensure 96.8% FP reduction.
91 dedicated rules for MCP, UCP, AP2, and ACP vulnerabilities. Detect discovery endpoint attacks, credential smuggling, tool poisoning, and cross-agent exploitation.
200 CVEs via CVEMiner covering LangChain, PyTorch, MCP, LlamaIndex, and more. Version-aware SCA detection — only flags installed vulnerable versions.
Works immediately after pip install. No external tools, no API keys, no configuration needed. Just install and scan. Multi-core parallel processing out of the box.
Works with Claude Code, Cursor, VS Code, and Gemini CLI. Get AI security feedback right in your development workflow. SARIF output for GitHub Code Scanning.
Export to JSON, HTML, SARIF, or Markdown. Glassmorphism HTML dashboard, machine-readable JSON for CI/CD, and SARIF for GitHub integration.
Updated for OWASP Top 10 for LLM Applications 2025 and MITRE ATLAS
Use them! MEDUSA covers the AI attack surface they weren't built for — most teams run it alongside their existing tools.
Excellent at classic code vulnerabilities — injection, XSS, insecure crypto. But prompt injection surfaces, MCP tool poisoning, and RAG pipeline attacks aren't in their rule sets. MEDUSA includes traditional SAST rules too, and adds the AI-specific layer on top.
Tools like garak probe a running model with adversarial prompts — dynamic testing of model behaviour. Complementary, not overlapping: MEDUSA statically scans the code, configs, and pipelines around the model before anything runs.
Static scanning purpose-built for the AI stack: prompt injection surfaces, MCP and agent-protocol rules, RAG poisoning, AI supply-chain attacks, and 200 known CVEs across 7 ecosystems — plus the traditional code checks, in one zero-setup scan.
Claude Code compromise detection, always-on AI attack signatures, and native Rust & PHP coverage.
Vets your .claude/ directory — hooks, permissions, and skills — for injected instructions and backdoors targeting AI coding assistants.
AI attack-signature scanning now runs on every scan by default. No flags, no configuration — protection is the baseline.
22 new Rust rules and 16 new PHP rules bring first-class coverage to two more ecosystems.
--trace-rules DiagnosticsSee exactly which rules fired on which files, and why — for tuning, auditing, and false-positive triage.
Free forever for open-source scanning. Pro adds an ultra-fast runtime proxy that blocks attacks in real time.
MEDUSA is an AI-first security scanner with 79 scanners and 40,000+ detection rules. It scans for prompt injection, MCP vulnerabilities, RAG poisoning, agent attacks, and traditional code vulnerabilities across 50+ file types.
Install MEDUSA with pip: pip install medusa-security, then run
medusa scan . in your project directory. Zero setup — no external
tools, no API keys, no configuration.
Yes — MEDUSA is free and open source under the AGPL-3.0 license. The core scanner with 79 scanners and 40,000+ rules is free forever. Professional and Enterprise tiers add runtime protection and team features.
Install MEDUSA and scan your first project right now.
pip install medusa-security && medusa scan .