Security Policy

Reporting Security Vulnerabilities

If you discover a security vulnerability in CrewAI, please report it responsibly through our Bugcrowd Vulnerability Disclosure Program (VDP): Submit reports to: crewai-vdp-ess@submit.bugcrowd.com

Do not disclose vulnerabilities via public GitHub issues, pull requests, or social media. Reports submitted via channels other than Bugcrowd will not be reviewed.

For full details, see our Security Policy on GitHub.

Security Resources

MCP Security Considerations — Best practices for securely integrating MCP servers with your CrewAI agents, including transport security, prompt injection risks, and server implementation advice.

Telemetry

⌘I

Get Started

Guides

Core Concepts

MCP Integration

Tools

Observability

Learn

Telemetry

Security

Security Policy

Reporting Security Vulnerabilities

Security Resources

Get Started

Guides

Core Concepts

MCP Integration

Tools

Observability

Learn

Telemetry

Security

​Reporting Security Vulnerabilities

​Security Resources

Reporting Security Vulnerabilities

Security Resources