crewai-multi-agent
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The documentation suggests installing the 'crewai' and 'crewai-tools' packages. Although the packages are not from a predefined trusted organization, the severity is reduced as this is the primary purpose of the documentation. \n- [PROMPT_INJECTION] (LOW): The documentation demonstrates a surface for indirect prompt injection by show casing how to interpolate user data into agent prompts. \n
- Ingestion points: User-defined state variables like 'topic' in 'ResearchFlow' (references/flows.md). \n
- Boundary markers: Not present in the instructional code snippets. \n
- Capability inventory: Examples describe agents with the ability to perform web searches and process PDF files (references/troubleshooting.md). \n
- Sanitization: Not demonstrated in the provided code examples.
Audit Metadata