REPOGEO 报告 · LITE
Pantheon-Security/medusa
默认分支 main · commit 519a9b60 · 扫描时间 2026/6/15 07:01:27
星标 598 · Fork 109
行动计划告诉你下一步要做什么——按影响力排序、可直接复制粘贴的修改。品类可见性是真正的 GEO 测试:当用户向 AI 提一个不带品牌、本应让 Pantheon-Security/medusa 浮出水面的问题时,AI 是真的推荐了你,还是推荐了你的竞品?客观检查验证 AI 引擎最先权衡的那些元数据信号。自指检查判断 AI 是否还认识你的名字。
行动计划 — 可复制粘贴的修复
3 条由 gemini-2.5-flash 生成、按优先级排序的修改。修完后请把对应条目标记为完成。
- highreadme#1Reposition README to explicitly clarify AI/ML/LLM security focus
原因:
当前# 🐍 MEDUSA - AI Security Scanner ... **AI-first security scanner with 40,000+ detection patterns for AI/ML, agents, and LLM applications.**
复制粘贴的修复# 🐍 MEDUSA - AI-First Security Scanner for AI/ML, LLM Agents, and MCP Servers **MEDUSA is an AI-first security scanner, purpose-built for AI/ML applications, LLM agents, and MCP servers. It is NOT a tool for Pantheon-hosted websites or general web security, nor is it a post-exploitation framework.**
- highabout#2Clarify the 'About' description to prevent miscategorization
原因:
当前AI-first security scanner with 79 analyzers, 40,000+ detection rules, and repo poisoning detection for AI/ML, LLM agents, and MCP servers. Scan any GitHub repo with: medusa scan --git user/repo
复制粘贴的修复AI-first security scanner with 79 analyzers, 40,000+ detection rules, and repo poisoning detection. Specifically designed for AI/ML, LLM agents, and MCP servers. Not for Pantheon-hosted websites or general web security. Scan any GitHub repo with: medusa scan --git user/repo
- mediumtopics#3Remove non-core topics to sharpen AI's understanding
原因:
当前agent-security, ai-security, code-analysis, cve-detection, devsecops, llm-security, mcp, nextjs, open-source, python, react, sast, scanner, security, security-tools, static-analysis, vulnerability-scanner
复制粘贴的修复agent-security, ai-security, code-analysis, cve-detection, devsecops, llm-security, mcp, open-source, python, sast, scanner, security, security-tools, static-analysis, vulnerability-scanner
本次扫描解析到的品类 GEO 通道:google/gemini-2.5-flash, deepseek/deepseek-v4-flash
品类可见性 — 真正的 GEO 测试
向 google/gemini-2.5-flash 提出的不带品牌问题。AI 推荐了你,还是推荐了别人?
各模型使用同一组问题 — 切换标签对比回答与排名。
- TruffleHog · 被推荐 2 次
- Semgrep · 被推荐 2 次
- Grype · 被推荐 2 次
- Snyk · 被推荐 1 次
- Dependabot (GitHub Native) · 被推荐 1 次
- 品类问题How can I scan GitHub repositories for AI supply chain vulnerabilities and LLM agent risks?你:未被推荐AI 推荐顺序:
- Snyk
- Dependabot (GitHub Native)
- TruffleHog
- Semgrep
- Grype
- OWASP Top 10 for LLM Applications
- Microsoft Security Code Analysis (MSCA)
AI 推荐了 7 个替代方案,却始终没点名 Pantheon-Security/medusa。这就是要补上的差距。
查看 AI 完整回答
- 品类问题What open-source tools perform static analysis and CVE detection for AI/ML application security?你:未被推荐AI 推荐顺序:
- Bandit
- Semgrep
- TruffleHog
- OWASP Dependency-Check
- Snyk Open Source (CLI)
- Grype
AI 推荐了 6 个替代方案,却始终没点名 Pantheon-Security/medusa。这就是要补上的差距。
查看 AI 完整回答
客观检查
针对 AI 引擎最看重的元数据信号的规则审计。
- Metadata completenesspass
- README presencepass
自指检查
当被直接问到你时,AI 是否还知道你的仓库存在?
- Compared to common alternatives in this category, what is the core differentiator of Pantheon-Security/medusa?passAI 明确点名了 Pantheon-Security/medusa
AI 的回答可能信誓旦旦却是错的。请按事实核对:技术栈、目标人群、差异化点是不是和你实际的对得上?
- If a team adopts Pantheon-Security/medusa in production, what risks or prerequisites should they evaluate first?passAI 明确点名了 Pantheon-Security/medusa
AI 的回答可能信誓旦旦却是错的。请按事实核对:技术栈、目标人群、差异化点是不是和你实际的对得上?
- In one sentence, what problem does the repo Pantheon-Security/medusa solve, and who is the primary audience?passAI 明确点名了 Pantheon-Security/medusa
AI 的回答可能信誓旦旦却是错的。请按事实核对:技术栈、目标人群、差异化点是不是和你实际的对得上?
嵌入你的 GEO 徽章
把这个徽章贴进 Pantheon-Security/medusa 的 README。每次重新扫描都会自动更新,并跳到最新报告——是「我在乎 AI 可发现性」最简单的公开证明。
实时预览[](https://repogeo.com/zh/r/Pantheon-Security/medusa)<a href="https://repogeo.com/zh/r/Pantheon-Security/medusa"><img src="https://repogeo.com/badge/Pantheon-Security/medusa.svg" alt="RepoGEO" /></a>订阅 Pro,解锁深度诊断
Pantheon-Security/medusa — 轻量扫描仍免费;本卡列出 Pro 相对轻量的深度额度。
- 深度报告每月 10 次
- 无品牌品类查询5,轻量 2
- 优先行动项8,轻量 3