diff --git a/docs/ar/mcp/security.mdx b/docs/ar/mcp/security.mdx
index e968ff9f5..f32440aab 100644
--- a/docs/ar/mcp/security.mdx
+++ b/docs/ar/mcp/security.mdx
@@ -139,7 +139,19 @@ mode: "wide"
- **الالتزام بمواصفات ترخيص MCP**: إذا كنت تنفذ المصادقة والترخيص، اتبع بدقة [مواصفات ترخيص MCP](https://modelcontextprotocol.io/specification/draft/basic/authorization).
- **تدقيقات أمنية منتظمة**: إذا كان خادم MCP يتعامل مع بيانات حساسة، فكر في إجراء تدقيقات أمنية دورية.
-## 5. قراءة إضافية
+## 5. الإبلاغ عن الثغرات الأمنية
+
+إذا اكتشفت ثغرة أمنية في CrewAI، يرجى الإبلاغ عنها بشكل مسؤول من خلال برنامج الكشف عن الثغرات (VDP) الخاص بنا على Bugcrowd:
+
+**أرسل التقارير إلى:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**لا تكشف** عن الثغرات عبر issues العامة على GitHub أو pull requests أو وسائل التواصل الاجتماعي. لن تتم مراجعة التقارير المقدمة عبر قنوات غير Bugcrowd.
+
+
+لمزيد من التفاصيل، راجع [سياسة الأمان](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md) الخاصة بنا.
+
+## 6. قراءة إضافية
لمزيد من المعلومات التفصيلية حول أمان MCP، راجع التوثيق الرسمي:
- **[أمان نقل MCP](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/ar/security.mdx b/docs/ar/security.mdx
new file mode 100644
index 000000000..c6454cca7
--- /dev/null
+++ b/docs/ar/security.mdx
@@ -0,0 +1,22 @@
+---
+title: سياسة الأمان
+description: تعرف على كيفية الإبلاغ عن الثغرات الأمنية وممارسات الأمان في CrewAI.
+icon: shield
+mode: "wide"
+---
+
+## الإبلاغ عن الثغرات الأمنية
+
+إذا اكتشفت ثغرة أمنية في CrewAI، يرجى الإبلاغ عنها بشكل مسؤول من خلال برنامج الكشف عن الثغرات (VDP) الخاص بنا على Bugcrowd:
+
+**أرسل التقارير إلى:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**لا تكشف** عن الثغرات عبر issues العامة على GitHub أو pull requests أو وسائل التواصل الاجتماعي. لن تتم مراجعة التقارير المقدمة عبر قنوات غير Bugcrowd.
+
+
+لمزيد من التفاصيل، راجع [سياسة الأمان على GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## موارد الأمان
+
+- **[اعتبارات أمان MCP](/mcp/security)** — أفضل الممارسات لدمج خوادم MCP بأمان مع وكلاء CrewAI، بما في ذلك أمان النقل ومخاطر حقن الأوامر ونصائح تنفيذ الخادم.
diff --git a/docs/docs.json b/docs/docs.json
index 083ddf381..101f1ec25 100644
--- a/docs/docs.json
+++ b/docs/docs.json
@@ -368,6 +368,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -837,6 +843,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -1306,6 +1318,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -1775,6 +1793,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -2243,6 +2267,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -2711,6 +2741,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -3180,6 +3216,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -3664,6 +3706,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -4118,6 +4166,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -4572,6 +4626,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -5026,6 +5086,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -5479,6 +5545,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -5932,6 +6004,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -6386,6 +6464,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -6882,6 +6966,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -7348,6 +7438,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -7814,6 +7910,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -8280,6 +8382,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -8745,6 +8853,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -9210,6 +9324,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -9676,6 +9796,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -10172,6 +10298,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -10638,6 +10770,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -11104,6 +11242,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -11570,6 +11714,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -12035,6 +12185,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -12500,6 +12656,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -12966,6 +13128,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -13282,4 +13450,4 @@
"reddit": "https://www.reddit.com/r/crewAIInc/"
}
}
-}
+}
\ No newline at end of file
diff --git a/docs/en/mcp/security.mdx b/docs/en/mcp/security.mdx
index 4fc84cdeb..0edd7583e 100644
--- a/docs/en/mcp/security.mdx
+++ b/docs/en/mcp/security.mdx
@@ -156,7 +156,19 @@ If you are developing an MCP server that CrewAI agents might connect to, conside
- **Adherence to MCP Authorization Spec**: If implementing authentication and authorization, strictly follow the [MCP Authorization specification](https://modelcontextprotocol.io/specification/draft/basic/authorization) and relevant [OAuth 2.0 security best practices](https://datatracker.ietf.org/doc/html/rfc9700).
- **Regular Security Audits**: If your MCP server handles sensitive data, performs critical operations, or is publicly exposed, consider periodic security audits by qualified professionals.
-## 5. Further Reading
+## 5. Reporting Security Vulnerabilities
+
+If you discover a security vulnerability in CrewAI, please report it responsibly through our Bugcrowd Vulnerability Disclosure Program (VDP):
+
+**Submit reports to:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Do not** disclose vulnerabilities via public GitHub issues, pull requests, or social media. Reports submitted via channels other than Bugcrowd will not be reviewed.
+
+
+For full details, see our [Security Policy](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## 6. Further Reading
For more detailed information on MCP security, refer to the official documentation:
- **[MCP Transport Security](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/en/security.mdx b/docs/en/security.mdx
new file mode 100644
index 000000000..ec4c12774
--- /dev/null
+++ b/docs/en/security.mdx
@@ -0,0 +1,22 @@
+---
+title: Security Policy
+description: Learn how to report security vulnerabilities and about CrewAI's security practices.
+icon: shield
+mode: "wide"
+---
+
+## Reporting Security Vulnerabilities
+
+If you discover a security vulnerability in CrewAI, please report it responsibly through our Bugcrowd Vulnerability Disclosure Program (VDP):
+
+**Submit reports to:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Do not** disclose vulnerabilities via public GitHub issues, pull requests, or social media. Reports submitted via channels other than Bugcrowd will not be reviewed.
+
+
+For full details, see our [Security Policy on GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## Security Resources
+
+- **[MCP Security Considerations](/mcp/security)** — Best practices for securely integrating MCP servers with your CrewAI agents, including transport security, prompt injection risks, and server implementation advice.
diff --git a/docs/ko/mcp/security.mdx b/docs/ko/mcp/security.mdx
index dd32747f5..f648e695d 100644
--- a/docs/ko/mcp/security.mdx
+++ b/docs/ko/mcp/security.mdx
@@ -156,7 +156,19 @@ CrewAI 에이전트가 연결할 수 있는 MCP 서버를 개발하고 있다면
- **MCP 인증 사양 준수**: 인증 및 권한 부여를 구현할 경우, [MCP Authorization specification](https://modelcontextprotocol.io/specification/draft/basic/authorization) 및 관련 [OAuth 2.0 security best practices](https://datatracker.ietf.org/doc/html/rfc9700)를 엄격히 준수하세요.
- **정기적인 보안 감사**: MCP 서버가 민감한 데이터를 처리하거나, 중요한 작업을 수행하거나, 대외적으로 노출된 경우 자격을 갖춘 전문가의 정기적인 보안 감사를 고려하세요.
-## 5. 추가 참고 자료
+## 5. 보안 취약점 보고
+
+CrewAI에서 보안 취약점을 발견하셨다면, Bugcrowd 취약점 공개 프로그램(VDP)을 통해 책임감 있게 보고해 주세요:
+
+**보고서 제출:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+공개 GitHub 이슈, 풀 리퀘스트 또는 소셜 미디어를 통해 취약점을 공개하지 **마세요**. Bugcrowd 이외의 채널로 제출된 보고서는 검토되지 않습니다.
+
+
+자세한 내용은 [보안 정책](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md)을 참조하세요.
+
+## 6. 추가 참고 자료
MCP 보안에 대한 자세한 내용은 공식 문서를 참고하세요:
- **[MCP 전송 보안](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/ko/security.mdx b/docs/ko/security.mdx
new file mode 100644
index 000000000..7d90253c6
--- /dev/null
+++ b/docs/ko/security.mdx
@@ -0,0 +1,22 @@
+---
+title: 보안 정책
+description: CrewAI의 보안 취약점 보고 방법과 보안 관행에 대해 알아보세요.
+icon: shield
+mode: "wide"
+---
+
+## 보안 취약점 보고
+
+CrewAI에서 보안 취약점을 발견하셨다면, Bugcrowd 취약점 공개 프로그램(VDP)을 통해 책임감 있게 보고해 주세요:
+
+**보고서 제출:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+공개 GitHub 이슈, 풀 리퀘스트 또는 소셜 미디어를 통해 취약점을 공개하지 **마세요**. Bugcrowd 이외의 채널로 제출된 보고서는 검토되지 않습니다.
+
+
+자세한 내용은 [GitHub 보안 정책](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md)을 참조하세요.
+
+## 보안 리소스
+
+- **[MCP 보안 고려사항](/mcp/security)** — MCP 서버를 CrewAI 에이전트와 안전하게 통합하기 위한 모범 사례로, 전송 보안, 프롬프트 인젝션 위험 및 서버 구현 권장 사항을 포함합니다.
diff --git a/docs/pt-BR/mcp/security.mdx b/docs/pt-BR/mcp/security.mdx
index c62f1d9bc..c89111c54 100644
--- a/docs/pt-BR/mcp/security.mdx
+++ b/docs/pt-BR/mcp/security.mdx
@@ -156,7 +156,19 @@ Se você está desenvolvendo um servidor MCP ao qual agentes CrewAI possam se co
- **Aderência à Especificação de Autorização MCP**: Caso implemente autenticação e autorização, siga estritamente a [especificação de autorização MCP](https://modelcontextprotocol.io/specification/draft/basic/authorization) e as [melhores práticas de segurança OAuth 2.0](https://datatracker.ietf.org/doc/html/rfc9700) relevantes.
- **Auditorias de Segurança Regulares**: Caso seu servidor MCP manipule dados sensíveis, realize operações críticas ou seja exposto publicamente, considere auditorias de segurança periódicas conduzidas por profissionais qualificados.
-## 5. Leituras Adicionais
+## 5. Reportando Vulnerabilidades de Segurança
+
+Se você descobrir uma vulnerabilidade de segurança no CrewAI, por favor reporte de forma responsável através do nosso Programa de Divulgação de Vulnerabilidades (VDP) no Bugcrowd:
+
+**Envie relatórios para:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Não** divulgue vulnerabilidades por meio de issues públicas no GitHub, pull requests ou redes sociais. Relatórios enviados por outros canais que não o Bugcrowd não serão analisados.
+
+
+Para mais detalhes, consulte nossa [Política de Segurança](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## 6. Leituras Adicionais
Para informações mais detalhadas sobre segurança MCP, consulte a documentação oficial:
- **[Segurança de Transporte MCP](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/pt-BR/security.mdx b/docs/pt-BR/security.mdx
new file mode 100644
index 000000000..5a95469d5
--- /dev/null
+++ b/docs/pt-BR/security.mdx
@@ -0,0 +1,22 @@
+---
+title: Política de Segurança
+description: Saiba como reportar vulnerabilidades de segurança e sobre as práticas de segurança do CrewAI.
+icon: shield
+mode: "wide"
+---
+
+## Reportando Vulnerabilidades de Segurança
+
+Se você descobrir uma vulnerabilidade de segurança no CrewAI, por favor reporte de forma responsável através do nosso Programa de Divulgação de Vulnerabilidades (VDP) no Bugcrowd:
+
+**Envie relatórios para:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Não** divulgue vulnerabilidades por meio de issues públicas no GitHub, pull requests ou redes sociais. Relatórios enviados por outros canais que não o Bugcrowd não serão analisados.
+
+
+Para mais detalhes, consulte nossa [Política de Segurança no GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## Recursos de Segurança
+
+- **[Considerações de Segurança MCP](/mcp/security)** — Melhores práticas para integrar servidores MCP com segurança aos seus agentes CrewAI, incluindo segurança de transporte, riscos de injeção de prompt e conselhos de implementação de servidor.