MEDUSA is a CLI-based SAST security scanner specifically designed for AI/ML and LLM systems. It provides 76 built-in analyzers with 9,600+ detection rules targeting AI supply chain attacks including repo poisoning, prompt injection, and MCP tool poisoning. The scanner works out of the box without external tool dependencies and includes CVE detection for LLM-related vulnerabilities like LangChain RCE and MCP-Remote RCE.