CrewAI

Stub

Open-source Python multi-agent framework. Models agents as “crew members” with roles, goals, and tools; orchestration via “crew” hierarchies that delegate tasks between agents. Tool ecosystem includes SerperDevTool (Google search), ScrapeWebsiteTool (web fetcher), and many others.

Wiki relevance: One of the two frameworks Unit 42 used to demonstrate framework-agnostic agentic-AI vulnerabilities in “AI Agents Are Here. So Are the Threats.” (May 2025). All nine attack scenarios in that study work identically against CrewAI and AutoGen — the article explicitly notes neither framework is inherently vulnerable; the vulnerabilities arise from insecure design and tool integration, not the framework itself.

Hierarchical delegation pattern: CrewAI uses a documented hierarchical process where an orchestrator agent delegates tasks to coworker agents. This delegation channel is the load-bearing mechanism the Unit 42 attacks exploit to reach internal agents through the user-facing orchestrator (mapping to OWASP ASI07/08/10 multi-agent threats).

Pending content: full architecture overview, security configuration guide, comparison with AutoGen and other frameworks, MCP integration status, version history, production deployment evidence.