Adds a skill that wraps Perplexity's open-source bumblebee CLI (https://github.com/perplexityai/bumblebee), a read-only inventory collector for package, extension, and developer-tool metadata on macOS/Linux developer endpoints. Useful for supply-chain incident response: when an advisory names a compromised npm/PyPI/Go/RubyGems/ Composer package, the skill scans the local machine and surfaces any matches.

The skill handles requirements checks (Go, bumblebee binary), installs bumblebee via go install ...@latest if missing, runs the requested profile (baseline, project, or deep), and produces both raw NDJSON and a human-readable Markdown report via a bundled, dependency-free Python helper.

Inspired by Perplexity's public release of Bumblebee.