docs: add top-level Security Policy page across all languages

Create a dedicated Security Policy page (docs/{en,pt-BR,ko,ar}/security.mdx)
with vulnerability reporting instructions pointing to the Bugcrowd VDP
(crewai-vdp-ess@submit.bugcrowd.com), consistent with the updated security
policy from PR #5096.

The page is added to the Documentation tab navigation (after Telemetry)
across all versions and languages in docs.json.

This is a top-level security page, not buried inside MCP docs.

docs/ar/changelog.mdx

@@ -4,6 +4,29 @@ description: "تحديثات المنتج والتحسينات وإصلاحات
 icon: "clock"
 mode: "wide"
 ---
+<Update label="25 مارس 2026">
+  ## v1.12.2
+
+  [عرض الإصدار على GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.12.2)
+
+  ## ما الذي تغير
+
+  ### الميزات
+  - إضافة مرحلة إصدار المؤسسات إلى إصدار أدوات المطورين
+
+  ### إصلاحات الأخطاء
+  - الحفاظ على قيمة إرجاع الطريقة كإخراج تدفق لـ @human_feedback مع emit
+
+  ### الوثائق
+  - تحديث سجل التغييرات والإصدار لـ v1.12.1
+  - مراجعة سياسة الأمان وتعليمات الإبلاغ
+
+  ## المساهمون
+
+  @alex-clawd, @greysonlalonde, @joaomdmoura, @theCyberTech
+
+</Update>
+
 <Update label="25 مارس 2026">
   ## v1.12.1
 

docs/ar/mcp/security.mdx

@@ -139,7 +139,19 @@ mode: "wide"
 - **الالتزام بمواصفات ترخيص MCP**: إذا كنت تنفذ المصادقة والترخيص، اتبع بدقة [مواصفات ترخيص MCP](https://modelcontextprotocol.io/specification/draft/basic/authorization).
 - **تدقيقات أمنية منتظمة**: إذا كان خادم MCP يتعامل مع بيانات حساسة، فكر في إجراء تدقيقات أمنية دورية.
 
-## 5. قراءة إضافية
+## 5. الإبلاغ عن الثغرات الأمنية
+
+إذا اكتشفت ثغرة أمنية في CrewAI، يرجى الإبلاغ عنها بشكل مسؤول من خلال برنامج الكشف عن الثغرات (VDP) الخاص بنا على Bugcrowd:
+
+**أرسل التقارير إلى:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+**لا تكشف** عن الثغرات عبر issues العامة على GitHub أو pull requests أو وسائل التواصل الاجتماعي. لن تتم مراجعة التقارير المقدمة عبر قنوات غير Bugcrowd.
+</Warning>
+
+لمزيد من التفاصيل، راجع [سياسة الأمان](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md) الخاصة بنا.
+
+## 6. قراءة إضافية
 
 لمزيد من المعلومات التفصيلية حول أمان MCP، راجع التوثيق الرسمي:
 - **[أمان نقل MCP](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**

docs/ar/security.mdx

@@ -0,0 +1,22 @@
+---
+title: سياسة الأمان
+description: تعرف على كيفية الإبلاغ عن الثغرات الأمنية وممارسات الأمان في CrewAI.
+icon: shield
+mode: "wide"
+---
+
+## الإبلاغ عن الثغرات الأمنية
+
+إذا اكتشفت ثغرة أمنية في CrewAI، يرجى الإبلاغ عنها بشكل مسؤول من خلال برنامج الكشف عن الثغرات (VDP) الخاص بنا على Bugcrowd:
+
+**أرسل التقارير إلى:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+**لا تكشف** عن الثغرات عبر issues العامة على GitHub أو pull requests أو وسائل التواصل الاجتماعي. لن تتم مراجعة التقارير المقدمة عبر قنوات غير Bugcrowd.
+</Warning>
+
+لمزيد من التفاصيل، راجع [سياسة الأمان على GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## موارد الأمان
+
+- **[اعتبارات أمان MCP](/mcp/security)** — أفضل الممارسات لدمج خوادم MCP بأمان مع وكلاء CrewAI، بما في ذلك أمان النقل ومخاطر حقن الأوامر ونصائح تنفيذ الخادم.

docs/en/changelog.mdx

@@ -4,6 +4,29 @@ description: "Product updates, improvements, and bug fixes for CrewAI"
 icon: "clock"
 mode: "wide"
 ---
+<Update label="Mar 25, 2026">
+  ## v1.12.2
+
+  [View release on GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.12.2)
+
+  ## What's Changed
+
+  ### Features
+  - Add enterprise release phase to devtools release
+
+  ### Bug Fixes
+  - Preserve method return value as flow output for @human_feedback with emit
+
+  ### Documentation
+  - Update changelog and version for v1.12.1
+  - Revise security policy and reporting instructions
+
+  ## Contributors
+
+  @alex-clawd, @greysonlalonde, @joaomdmoura, @theCyberTech
+
+</Update>
+
 <Update label="Mar 25, 2026">
   ## v1.12.1
 

docs/en/enterprise/features/rbac.mdx

@@ -7,11 +7,13 @@ mode: "wide"
 
 ## Overview
 
-RBAC in CrewAI AMP enables secure, scalable access management through a combination of organization‑level roles and automation‑level visibility controls.
+RBAC in CrewAI AMP enables secure, scalable access management through two layers:
+
+1. **Feature permissions** — control what each role can do across the platform (manage, read, or no access)
+2. **Entity-level permissions** — fine-grained access on individual automations, environment variables, LLM connections, and Git repositories
 
 <Frame>
   <img src="/images/enterprise/users_and_roles.png" alt="RBAC overview in CrewAI AMP" />
-
 </Frame>
 
 ## Users and Roles
@@ -39,6 +41,13 @@ You can configure users and roles in Settings → Roles.
   </Step>
 </Steps>
 
+### Predefined Roles
+
+| Role       | Description                                                                 |
+| :--------- | :-------------------------------------------------------------------------- |
+| **Owner**  | Full access to all features and settings. Cannot be restricted.             |
+| **Member** | Read access to most features, manage access to Studio projects. Cannot modify organization or default settings. |
+
 ### Configuration summary
 
 | Area                  | Where to configure                 | Options                                 |
@@ -46,23 +55,80 @@ You can configure users and roles in Settings → Roles.
 | Users & Roles         | Settings → Roles                   | Predefined: Owner, Member; Custom roles |
 | Automation visibility | Automation → Settings → Visibility | Private; Whitelist users/roles          |
 
-## Automation‑level Access Control
+---
 
-In addition to organization‑wide roles, CrewAI Automations support fine‑grained visibility settings that let you restrict access to specific automations by user or role.
+## Feature Permissions Matrix
 
-This is useful for:
+Every role has a permission level for each feature area. The three levels are:
+
+- **Manage** — full read/write access (create, edit, delete)
+- **Read** — view-only access
+- **No access** — feature is hidden/inaccessible
+
+| Feature                   | Owner   | Member (default) | Description                                                     |
+| :------------------------ | :------ | :--------------- | :-------------------------------------------------------------- |
+| `usage_dashboards`        | Manage  | Read             | View usage metrics and analytics                                |
+| `crews_dashboards`        | Manage  | Read             | View deployment dashboards, access automation details           |
+| `invitations`             | Manage  | Read             | Invite new members to the organization                          |
+| `training_ui`             | Manage  | Read             | Access training/fine-tuning interfaces                          |
+| `tools`                   | Manage  | Read             | Create and manage tools                                         |
+| `agents`                  | Manage  | Read             | Create and manage agents                                        |
+| `environment_variables`   | Manage  | Read             | Create and manage environment variables                         |
+| `llm_connections`         | Manage  | Read             | Configure LLM provider connections                              |
+| `default_settings`        | Manage  | No access        | Modify organization-wide default settings                       |
+| `organization_settings`   | Manage  | No access        | Manage billing, plans, and organization configuration           |
+| `studio_projects`         | Manage  | Manage           | Create and edit projects in Studio                              |
+
+<Tip>
+  When creating a custom role, you can set each feature independently to **Manage**, **Read**, or **No access** to match your team's needs.
+</Tip>
+
+---
+
+## Deploying from GitHub or Zip
+
+One of the most common RBAC questions is: _"What permissions does a team member need to deploy?"_
+
+### Deploy from GitHub
+
+To deploy an automation from a GitHub repository, a user needs:
+
+1. **`crews_dashboards`**: at least `Read` — required to access the automations dashboard where deployments are created
+2. **Git repository access** (if entity-level RBAC for Git repositories is enabled): the user's role must be granted access to the specific Git repository via entity-level permissions
+3. **`studio_projects`: `Manage`** — if building the crew in Studio before deploying
+
+### Deploy from Zip
+
+To deploy an automation from a Zip file upload, a user needs:
+
+1. **`crews_dashboards`**: at least `Read` — required to access the automations dashboard
+2. **Zip deployments enabled**: the organization must not have disabled zip deployments in organization settings
+
+### Quick Reference: Minimum Permissions for Deployment
+
+| Action               | Required feature permissions          | Additional requirements                          |
+| :------------------- | :------------------------------------ | :----------------------------------------------- |
+| Deploy from GitHub   | `crews_dashboards: Read`              | Git repo entity access (if Git RBAC is enabled)  |
+| Deploy from Zip      | `crews_dashboards: Read`              | Zip deployments must be enabled at the org level |
+| Build in Studio      | `studio_projects: Manage`             | —                                                |
+| Configure LLM keys   | `llm_connections: Manage`             | —                                                |
+| Set environment vars  | `environment_variables: Manage`       | Entity-level access (if entity RBAC is enabled)  |
+
+---
+
+## Automation‑level Access Control (Entity Permissions)
+
+In addition to organization‑wide roles, CrewAI supports fine‑grained entity-level permissions that restrict access to individual resources.
+
+### Automation Visibility
+
+Automations support visibility settings that restrict access by user or role. This is useful for:
 
 - Keeping sensitive or experimental automations private
 - Managing visibility across large teams or external collaborators
 - Testing automations in isolated contexts
 
-Deployments can be configured as private, meaning only whitelisted users and roles will be able to:
-
-- View the deployment
-- Run it or interact with its API
-- Access its logs, metrics, and settings
-
-The organization owner always has access, regardless of visibility settings.
+Deployments can be configured as private, meaning only whitelisted users and roles will be able to interact with them.
 
 You can configure automation‑level access control in Automation → Settings → Visibility tab.
 
@@ -99,9 +165,92 @@ You can configure automation‑level access control in Automation → Settings
 
 <Frame>
   <img src="/images/enterprise/visibility.png" alt="Automation Visibility settings in CrewAI AMP" />
-
 </Frame>
 
+### Deployment Permission Types
+
+When granting entity-level access to a specific automation, you can assign these permission types:
+
+| Permission           | What it allows                                      |
+| :------------------- | :-------------------------------------------------- |
+| `run`                | Execute the automation and use its API               |
+| `traces`             | View execution traces and logs                       |
+| `manage_settings`    | Edit, redeploy, rollback, or delete the automation   |
+| `human_in_the_loop`  | Respond to human-in-the-loop (HITL) requests         |
+| `full_access`        | All of the above                                     |
+
+### Entity-level RBAC for Other Resources
+
+When entity-level RBAC is enabled, access to these resources can also be controlled per user or role:
+
+| Resource               | Controlled by                    | Description                                           |
+| :--------------------- | :------------------------------- | :---------------------------------------------------- |
+| Environment variables  | Entity RBAC feature flag         | Restrict which roles/users can view or manage specific env vars |
+| LLM connections        | Entity RBAC feature flag         | Restrict access to specific LLM provider configurations |
+| Git repositories       | Git repositories RBAC org setting | Restrict which roles/users can access specific connected repos |
+
+---
+
+## Common Role Patterns
+
+While CrewAI ships with Owner and Member roles, most teams benefit from creating custom roles. Here are common patterns:
+
+### Developer Role
+
+A role for team members who build and deploy automations but don't manage organization settings.
+
+| Feature                   | Permission |
+| :------------------------ | :--------- |
+| `usage_dashboards`        | Read       |
+| `crews_dashboards`        | Manage     |
+| `invitations`             | Read       |
+| `training_ui`             | Read       |
+| `tools`                   | Manage     |
+| `agents`                  | Manage     |
+| `environment_variables`   | Manage     |
+| `llm_connections`         | Read       |
+| `default_settings`        | No access  |
+| `organization_settings`   | No access  |
+| `studio_projects`         | Manage     |
+
+### Viewer / Stakeholder Role
+
+A role for non-technical stakeholders who need to monitor automations and view results.
+
+| Feature                   | Permission |
+| :------------------------ | :--------- |
+| `usage_dashboards`        | Read       |
+| `crews_dashboards`        | Read       |
+| `invitations`             | No access  |
+| `training_ui`             | Read       |
+| `tools`                   | Read       |
+| `agents`                  | Read       |
+| `environment_variables`   | No access  |
+| `llm_connections`         | No access  |
+| `default_settings`        | No access  |
+| `organization_settings`   | No access  |
+| `studio_projects`         | Read       |
+
+### Ops / Platform Admin Role
+
+A role for platform operators who manage infrastructure settings but may not build agents.
+
+| Feature                   | Permission |
+| :------------------------ | :--------- |
+| `usage_dashboards`        | Manage     |
+| `crews_dashboards`        | Manage     |
+| `invitations`             | Manage     |
+| `training_ui`             | Read       |
+| `tools`                   | Read       |
+| `agents`                  | Read       |
+| `environment_variables`   | Manage     |
+| `llm_connections`         | Manage     |
+| `default_settings`        | Manage     |
+| `organization_settings`   | Read       |
+| `studio_projects`         | Read       |
+
+---
+
 <Card title="Need Help?" icon="headset" href="mailto:support@crewai.com">
   Contact our support team for assistance with RBAC questions.
 </Card>

docs/en/mcp/security.mdx

@@ -156,7 +156,19 @@ If you are developing an MCP server that CrewAI agents might connect to, conside
 - **Adherence to MCP Authorization Spec**: If implementing authentication and authorization, strictly follow the [MCP Authorization specification](https://modelcontextprotocol.io/specification/draft/basic/authorization) and relevant [OAuth 2.0 security best practices](https://datatracker.ietf.org/doc/html/rfc9700).
 - **Regular Security Audits**: If your MCP server handles sensitive data, performs critical operations, or is publicly exposed, consider periodic security audits by qualified professionals.
 
-## 5. Further Reading
+## 5. Reporting Security Vulnerabilities
+
+If you discover a security vulnerability in CrewAI, please report it responsibly through our Bugcrowd Vulnerability Disclosure Program (VDP):
+
+**Submit reports to:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+**Do not** disclose vulnerabilities via public GitHub issues, pull requests, or social media. Reports submitted via channels other than Bugcrowd will not be reviewed.
+</Warning>
+
+For full details, see our [Security Policy](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## 6. Further Reading
 
 For more detailed information on MCP security, refer to the official documentation:
 - **[MCP Transport Security](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**

docs/en/security.mdx

@@ -0,0 +1,22 @@
+---
+title: Security Policy
+description: Learn how to report security vulnerabilities and about CrewAI's security practices.
+icon: shield
+mode: "wide"
+---
+
+## Reporting Security Vulnerabilities
+
+If you discover a security vulnerability in CrewAI, please report it responsibly through our Bugcrowd Vulnerability Disclosure Program (VDP):
+
+**Submit reports to:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+**Do not** disclose vulnerabilities via public GitHub issues, pull requests, or social media. Reports submitted via channels other than Bugcrowd will not be reviewed.
+</Warning>
+
+For full details, see our [Security Policy on GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## Security Resources
+
+- **[MCP Security Considerations](/mcp/security)** — Best practices for securely integrating MCP servers with your CrewAI agents, including transport security, prompt injection risks, and server implementation advice.

docs/ko/changelog.mdx

@@ -4,6 +4,29 @@ description: "CrewAI의 제품 업데이트, 개선 사항 및 버그 수정"
 icon: "clock"
 mode: "wide"
 ---
+<Update label="2026년 3월 25일">
+  ## v1.12.2
+
+  [GitHub 릴리스 보기](https://github.com/crewAIInc/crewAI/releases/tag/1.12.2)
+
+  ## 변경 사항
+
+  ### 기능
+  - devtools 릴리스에 기업 릴리스 단계 추가
+
+  ### 버그 수정
+  - @human_feedback과 함께 emit을 사용할 때 메서드 반환 값을 흐름 출력으로 유지
+
+  ### 문서
+  - v1.12.1에 대한 변경 로그 및 버전 업데이트
+  - 보안 정책 및 보고 지침 수정
+
+  ## 기여자
+
+  @alex-clawd, @greysonlalonde, @joaomdmoura, @theCyberTech
+
+</Update>
+
 <Update label="2026년 3월 25일">
   ## v1.12.1
 

docs/ko/mcp/security.mdx

@@ -156,7 +156,19 @@ CrewAI 에이전트가 연결할 수 있는 MCP 서버를 개발하고 있다면
 - **MCP 인증 사양 준수**: 인증 및 권한 부여를 구현할 경우, [MCP Authorization specification](https://modelcontextprotocol.io/specification/draft/basic/authorization) 및 관련 [OAuth 2.0 security best practices](https://datatracker.ietf.org/doc/html/rfc9700)를 엄격히 준수하세요.
 - **정기적인 보안 감사**: MCP 서버가 민감한 데이터를 처리하거나, 중요한 작업을 수행하거나, 대외적으로 노출된 경우 자격을 갖춘 전문가의 정기적인 보안 감사를 고려하세요.
 
-## 5. 추가 참고 자료
+## 5. 보안 취약점 보고
+
+CrewAI에서 보안 취약점을 발견하셨다면, Bugcrowd 취약점 공개 프로그램(VDP)을 통해 책임감 있게 보고해 주세요:
+
+**보고서 제출:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+공개 GitHub 이슈, 풀 리퀘스트 또는 소셜 미디어를 통해 취약점을 공개하지 **마세요**. Bugcrowd 이외의 채널로 제출된 보고서는 검토되지 않습니다.
+</Warning>
+
+자세한 내용은 [보안 정책](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md)을 참조하세요.
+
+## 6. 추가 참고 자료
 
 MCP 보안에 대한 자세한 내용은 공식 문서를 참고하세요:
 - **[MCP 전송 보안](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**

docs/ko/security.mdx

@@ -0,0 +1,22 @@
+---
+title: 보안 정책
+description: CrewAI의 보안 취약점 보고 방법과 보안 관행에 대해 알아보세요.
+icon: shield
+mode: "wide"
+---
+
+## 보안 취약점 보고
+
+CrewAI에서 보안 취약점을 발견하셨다면, Bugcrowd 취약점 공개 프로그램(VDP)을 통해 책임감 있게 보고해 주세요:
+
+**보고서 제출:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+공개 GitHub 이슈, 풀 리퀘스트 또는 소셜 미디어를 통해 취약점을 공개하지 **마세요**. Bugcrowd 이외의 채널로 제출된 보고서는 검토되지 않습니다.
+</Warning>
+
+자세한 내용은 [GitHub 보안 정책](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md)을 참조하세요.
+
+## 보안 리소스
+
+- **[MCP 보안 고려사항](/mcp/security)** — MCP 서버를 CrewAI 에이전트와 안전하게 통합하기 위한 모범 사례로, 전송 보안, 프롬프트 인젝션 위험 및 서버 구현 권장 사항을 포함합니다.

docs/pt-BR/changelog.mdx

@@ -4,6 +4,29 @@ description: "Atualizações de produto, melhorias e correções do CrewAI"
 icon: "clock"
 mode: "wide"
 ---
+<Update label="25 mar 2026">
+  ## v1.12.2
+
+  [Ver release no GitHub](https://github.com/crewAIInc/crewAI/releases/tag/1.12.2)
+
+  ## O que Mudou
+
+  ### Recursos
+  - Adicionar fase de lançamento empresarial ao lançamento do devtools
+
+  ### Correções de Bugs
+  - Preservar o valor de retorno do método como saída de fluxo para @human_feedback com emit
+
+  ### Documentação
+  - Atualizar changelog e versão para v1.12.1
+  - Revisar política de segurança e instruções de relatório
+
+  ## Contributors
+
+  @alex-clawd, @greysonlalonde, @joaomdmoura, @theCyberTech
+
+</Update>
+
 <Update label="25 mar 2026">
   ## v1.12.1
 

docs/pt-BR/mcp/security.mdx

@@ -156,7 +156,19 @@ Se você está desenvolvendo um servidor MCP ao qual agentes CrewAI possam se co
 - **Aderência à Especificação de Autorização MCP**: Caso implemente autenticação e autorização, siga estritamente a [especificação de autorização MCP](https://modelcontextprotocol.io/specification/draft/basic/authorization) e as [melhores práticas de segurança OAuth 2.0](https://datatracker.ietf.org/doc/html/rfc9700) relevantes.
 - **Auditorias de Segurança Regulares**: Caso seu servidor MCP manipule dados sensíveis, realize operações críticas ou seja exposto publicamente, considere auditorias de segurança periódicas conduzidas por profissionais qualificados.
 
-## 5. Leituras Adicionais
+## 5. Reportando Vulnerabilidades de Segurança
+
+Se você descobrir uma vulnerabilidade de segurança no CrewAI, por favor reporte de forma responsável através do nosso Programa de Divulgação de Vulnerabilidades (VDP) no Bugcrowd:
+
+**Envie relatórios para:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+**Não** divulgue vulnerabilidades por meio de issues públicas no GitHub, pull requests ou redes sociais. Relatórios enviados por outros canais que não o Bugcrowd não serão analisados.
+</Warning>
+
+Para mais detalhes, consulte nossa [Política de Segurança](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## 6. Leituras Adicionais
 
 Para informações mais detalhadas sobre segurança MCP, consulte a documentação oficial:
 - **[Segurança de Transporte MCP](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**

docs/pt-BR/security.mdx

@@ -0,0 +1,22 @@
+---
+title: Política de Segurança
+description: Saiba como reportar vulnerabilidades de segurança e sobre as práticas de segurança do CrewAI.
+icon: shield
+mode: "wide"
+---
+
+## Reportando Vulnerabilidades de Segurança
+
+Se você descobrir uma vulnerabilidade de segurança no CrewAI, por favor reporte de forma responsável através do nosso Programa de Divulgação de Vulnerabilidades (VDP) no Bugcrowd:
+
+**Envie relatórios para:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+<Warning>
+**Não** divulgue vulnerabilidades por meio de issues públicas no GitHub, pull requests ou redes sociais. Relatórios enviados por outros canais que não o Bugcrowd não serão analisados.
+</Warning>
+
+Para mais detalhes, consulte nossa [Política de Segurança no GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## Recursos de Segurança
+
+- **[Considerações de Segurança MCP](/mcp/security)** — Melhores práticas para integrar servidores MCP com segurança aos seus agentes CrewAI, incluindo segurança de transporte, riscos de injeção de prompt e conselhos de implementação de servidor.

lib/crewai-files/src/crewai_files/__init__.py

@@ -152,4 +152,4 @@ __all__ = [
     "wrap_file_source",
 ]
 
-__version__ = "1.12.1"
+__version__ = "1.12.2"

lib/crewai-tools/pyproject.toml

@@ -11,7 +11,7 @@ dependencies = [
     "pytube~=15.0.0",
     "requests~=2.32.5",
     "docker~=7.1.0",
-    "crewai==1.12.1",
+    "crewai==1.12.2",
     "tiktoken~=0.8.0",
     "beautifulsoup4~=4.13.4",
     "python-docx~=1.2.0",

lib/crewai-tools/src/crewai_tools/__init__.py

@@ -309,4 +309,4 @@ __all__ = [
     "ZapierActionTools",
 ]
 
-__version__ = "1.12.1"
+__version__ = "1.12.2"

lib/crewai/pyproject.toml

@@ -54,7 +54,7 @@ Repository = "https://github.com/crewAIInc/crewAI"
 
 [project.optional-dependencies]
 tools = [
-    "crewai-tools==1.12.1",
+    "crewai-tools==1.12.2",
 ]
 embeddings = [
     "tiktoken~=0.8.0"

lib/crewai/src/crewai/__init__.py

@@ -42,7 +42,7 @@ def _suppress_pydantic_deprecation_warnings() -> None:
 
 _suppress_pydantic_deprecation_warnings()
 
-__version__ = "1.12.1"
+__version__ = "1.12.2"
 _telemetry_submitted = False
 
 

lib/crewai/src/crewai/cli/templates/crew/pyproject.toml

@@ -5,7 +5,7 @@ description = "{{name}} using crewAI"
 authors = [{ name = "Your Name", email = "you@example.com" }]
 requires-python = ">=3.10,<3.14"
 dependencies = [
-    "crewai[tools]==1.12.1"
+    "crewai[tools]==1.12.2"
 ]
 
 [project.scripts]

lib/crewai/src/crewai/cli/templates/flow/pyproject.toml

@@ -5,7 +5,7 @@ description = "{{name}} using crewAI"
 authors = [{ name = "Your Name", email = "you@example.com" }]
 requires-python = ">=3.10,<3.14"
 dependencies = [
-    "crewai[tools]==1.12.1"
+    "crewai[tools]==1.12.2"
 ]
 
 [project.scripts]

lib/crewai/src/crewai/cli/templates/tool/pyproject.toml

@@ -5,7 +5,7 @@ description = "Power up your crews with {{folder_name}}"
 readme = "README.md"
 requires-python = ">=3.10,<3.14"
 dependencies = [
-    "crewai[tools]==1.12.1"
+    "crewai[tools]==1.12.2"
 ]
 
 [tool.crewai]

lib/crewai/src/crewai/flow/flow.py

@@ -883,6 +883,9 @@ class Flow(Generic[T], metaclass=FlowMeta):
         self.human_feedback_history: list[HumanFeedbackResult] = []
         self.last_human_feedback: HumanFeedbackResult | None = None
         self._pending_feedback_context: PendingFeedbackContext | None = None
+        # Per-method stash for real @human_feedback output (keyed by method name)
+        # Used to decouple routing outcome from method return value when emit is set
+        self._human_feedback_method_outputs: dict[str, Any] = {}
         self.suppress_flow_events: bool = suppress_flow_events
 
         # User input history (for self.ask())
@@ -2290,6 +2293,17 @@ class Flow(Generic[T], metaclass=FlowMeta):
                 result = await result
 
             self._method_outputs.append(result)
+
+            # For @human_feedback methods with emit, the result is the collapsed outcome
+            # (e.g., "approved") used for routing. But we want the actual method output
+            # to be the stored result (for final flow output). Replace the last entry
+            # if a stashed output exists. Dict-based stash is concurrency-safe and
+            # handles None return values (presence in dict = stashed, not value).
+            if method_name in self._human_feedback_method_outputs:
+                self._method_outputs[-1] = self._human_feedback_method_outputs.pop(
+                    method_name
+                )
+
             self._method_execution_counts[method_name] = (
                 self._method_execution_counts.get(method_name, 0) + 1
             )

lib/crewai/src/crewai/flow/human_feedback.py

@@ -591,6 +591,13 @@ def human_feedback(
                 ):
                     _distill_and_store_lessons(self, method_output, raw_feedback)
 
+                # Stash the real method output for final flow result when emit is set
+                # (result is the collapsed outcome string for routing, but we want to
+                # preserve the actual method output as the flow's final result)
+                # Uses per-method dict for concurrency safety and to handle None returns
+                if emit:
+                    self._human_feedback_method_outputs[func.__name__] = method_output
+
                 return result
 
             wrapper: Any = async_wrapper
@@ -615,6 +622,13 @@ def human_feedback(
                 ):
                     _distill_and_store_lessons(self, method_output, raw_feedback)
 
+                # Stash the real method output for final flow result when emit is set
+                # (result is the collapsed outcome string for routing, but we want to
+                # preserve the actual method output as the flow's final result)
+                # Uses per-method dict for concurrency safety and to handle None returns
+                if emit:
+                    self._human_feedback_method_outputs[func.__name__] = method_output
+
                 return result
 
             wrapper = sync_wrapper

lib/crewai/tests/test_human_feedback_decorator.py

@@ -246,7 +246,7 @@ class TestHumanFeedbackExecution:
     @patch("builtins.input", return_value="")
     @patch("builtins.print")
     def test_empty_feedback_with_default_outcome(self, mock_print, mock_input):
-        """Test empty feedback uses default_outcome."""
+        """Test empty feedback uses default_outcome for routing, but flow returns method output."""
 
         class TestFlow(Flow):
             @start()
@@ -264,14 +264,16 @@ class TestHumanFeedbackExecution:
         with patch.object(flow, "_request_human_feedback", return_value=""):
             result = flow.kickoff()
 
-        assert result == "needs_work"
+        # Flow result is the method's return value, NOT the collapsed outcome
+        assert result == "Content"
         assert flow.last_human_feedback is not None
+        # But the outcome is still correctly set for routing purposes
         assert flow.last_human_feedback.outcome == "needs_work"
 
     @patch("builtins.input", return_value="Approved!")
     @patch("builtins.print")
     def test_feedback_collapsing(self, mock_print, mock_input):
-        """Test that feedback is collapsed to an outcome."""
+        """Test that feedback is collapsed to an outcome for routing, but flow returns method output."""
 
         class TestFlow(Flow):
             @start()
@@ -291,8 +293,10 @@ class TestHumanFeedbackExecution:
         ):
             result = flow.kickoff()
 
-        assert result == "approved"
+        # Flow result is the method's return value, NOT the collapsed outcome
+        assert result == "Content"
         assert flow.last_human_feedback is not None
+        # But the outcome is still correctly set for routing purposes
         assert flow.last_human_feedback.outcome == "approved"
 
 
@@ -591,3 +595,162 @@ class TestHumanFeedbackLearn:
         assert config.learn is True
         # llm defaults to "gpt-4o-mini" at the function level
         assert config.llm == "gpt-4o-mini"
+
+
+class TestHumanFeedbackFinalOutputPreservation:
+    """Tests for preserving method return value as flow's final output when @human_feedback with emit is terminal.
+
+    This addresses the bug where the flow's final output was the collapsed outcome string (e.g., 'approved')
+    instead of the method's actual return value when a @human_feedback method with emit is the final method.
+    """
+
+    @patch("builtins.input", return_value="Looks good!")
+    @patch("builtins.print")
+    def test_final_output_is_method_return_not_collapsed_outcome(
+        self, mock_print, mock_input
+    ):
+        """When @human_feedback with emit is the final method, flow output is the method's return value."""
+
+        class FinalHumanFeedbackFlow(Flow):
+            @start()
+            @human_feedback(
+                message="Review this content:",
+                emit=["approved", "rejected"],
+                llm="gpt-4o-mini",
+            )
+            def generate_and_review(self):
+                # This dict should be the final output, NOT the string 'approved'
+                return {"title": "My Article", "content": "Article content here", "status": "ready"}
+
+        flow = FinalHumanFeedbackFlow()
+
+        with (
+            patch.object(flow, "_request_human_feedback", return_value="Looks great, approved!"),
+            patch.object(flow, "_collapse_to_outcome", return_value="approved"),
+        ):
+            result = flow.kickoff()
+
+        # The final output should be the actual method return value, not the collapsed outcome
+        assert isinstance(result, dict), f"Expected dict, got {type(result).__name__}: {result}"
+        assert result == {"title": "My Article", "content": "Article content here", "status": "ready"}
+        # But the outcome should still be tracked in last_human_feedback
+        assert flow.last_human_feedback is not None
+        assert flow.last_human_feedback.outcome == "approved"
+
+    @patch("builtins.input", return_value="approved")
+    @patch("builtins.print")
+    def test_routing_still_works_with_downstream_listener(self, mock_print, mock_input):
+        """When @human_feedback has a downstream listener, routing still triggers the listener."""
+        publish_called = []
+
+        class RoutingFlow(Flow):
+            @start()
+            @human_feedback(
+                message="Review:",
+                emit=["approved", "rejected"],
+                llm="gpt-4o-mini",
+            )
+            def review(self):
+                return {"content": "original content"}
+
+            @listen("approved")
+            def publish(self):
+                publish_called.append(True)
+                return {"published": True, "timestamp": "2024-01-01"}
+
+        flow = RoutingFlow()
+
+        with (
+            patch.object(flow, "_request_human_feedback", return_value="LGTM"),
+            patch.object(flow, "_collapse_to_outcome", return_value="approved"),
+        ):
+            result = flow.kickoff()
+
+        # The downstream listener should have been triggered
+        assert len(publish_called) == 1, "publish() should have been called"
+        # The final output should be from the listener, not the human_feedback method
+        assert result == {"published": True, "timestamp": "2024-01-01"}
+
+    @patch("builtins.input", return_value="")
+    @patch("builtins.print")
+    @pytest.mark.asyncio
+    async def test_async_human_feedback_final_output_preserved(self, mock_print, mock_input):
+        """Async @human_feedback methods also preserve the real return value."""
+
+        class AsyncFinalFlow(Flow):
+            @start()
+            @human_feedback(
+                message="Review async content:",
+                emit=["approved", "rejected"],
+                llm="gpt-4o-mini",
+                default_outcome="approved",
+            )
+            async def async_generate(self):
+                return {"async_data": "value", "computed": 42}
+
+        flow = AsyncFinalFlow()
+
+        with (
+            patch.object(flow, "_request_human_feedback", return_value=""),
+        ):
+            result = await flow.kickoff_async()
+
+        # The final output should be the dict, not "approved"
+        assert isinstance(result, dict), f"Expected dict, got {type(result).__name__}: {result}"
+        assert result == {"async_data": "value", "computed": 42}
+        assert flow.last_human_feedback.outcome == "approved"
+
+    @patch("builtins.input", return_value="feedback")
+    @patch("builtins.print")
+    def test_method_outputs_contains_real_output(self, mock_print, mock_input):
+        """The _method_outputs list should contain the real method output, not the collapsed outcome."""
+
+        class OutputTrackingFlow(Flow):
+            @start()
+            @human_feedback(
+                message="Review:",
+                emit=["approved", "rejected"],
+                llm="gpt-4o-mini",
+            )
+            def generate(self):
+                return {"data": "real output"}
+
+        flow = OutputTrackingFlow()
+
+        with (
+            patch.object(flow, "_request_human_feedback", return_value="approved"),
+            patch.object(flow, "_collapse_to_outcome", return_value="approved"),
+        ):
+            flow.kickoff()
+
+        # _method_outputs should contain the real output
+        assert len(flow._method_outputs) == 1
+        assert flow._method_outputs[0] == {"data": "real output"}
+
+    @patch("builtins.input", return_value="looks good")
+    @patch("builtins.print")
+    def test_none_return_value_is_preserved(self, mock_print, mock_input):
+        """A method returning None should preserve None as flow output, not the outcome string."""
+
+        class NoneReturnFlow(Flow):
+            @start()
+            @human_feedback(
+                message="Review:",
+                emit=["approved", "rejected"],
+                llm="gpt-4o-mini",
+            )
+            def process(self):
+                # Method does work but returns None (implicit)
+                pass
+
+        flow = NoneReturnFlow()
+
+        with (
+            patch.object(flow, "_request_human_feedback", return_value=""),
+            patch.object(flow, "_collapse_to_outcome", return_value="approved"),
+        ):
+            result = flow.kickoff()
+
+        # Final output should be None (the method's real return), not "approved"
+        assert result is None, f"Expected None, got {result!r}"
+        assert flow.last_human_feedback.outcome == "approved"

lib/crewai/tests/test_human_feedback_integration.py

@@ -708,7 +708,7 @@ class TestEdgeCases:
     @patch("builtins.input", return_value="")
     @patch("builtins.print")
     def test_empty_feedback_first_outcome_fallback(self, mock_print, mock_input):
-        """Test that empty feedback without default uses first outcome."""
+        """Test that empty feedback without default uses first outcome for routing, but returns method output."""
 
         class FallbackFlow(Flow):
             @start()
@@ -726,12 +726,15 @@ class TestEdgeCases:
         with patch.object(flow, "_request_human_feedback", return_value=""):
             result = flow.kickoff()
 
-        assert result == "first"  # Falls back to first outcome
+        # Flow result is the method's return value, NOT the collapsed outcome
+        assert result == "content"
+        # But outcome is still set to first for routing purposes
+        assert flow.last_human_feedback.outcome == "first"
 
     @patch("builtins.input", return_value="whitespace only   ")
     @patch("builtins.print")
     def test_whitespace_only_feedback_treated_as_empty(self, mock_print, mock_input):
-        """Test that whitespace-only feedback is treated as empty."""
+        """Test that whitespace-only feedback is treated as empty for routing, but returns method output."""
 
         class WhitespaceFlow(Flow):
             @start()
@@ -749,7 +752,10 @@ class TestEdgeCases:
         with patch.object(flow, "_request_human_feedback", return_value="   "):
             result = flow.kickoff()
 
-        assert result == "reject"  # Uses default because feedback is empty after strip
+        # Flow result is the method's return value, NOT the collapsed outcome
+        assert result == "content"
+        # But outcome is set to default because feedback is empty after strip
+        assert flow.last_human_feedback.outcome == "reject"
 
     @patch("builtins.input", return_value="feedback")
     @patch("builtins.print")

lib/devtools/src/crewai_devtools/__init__.py

@@ -1,3 +1,3 @@
 """CrewAI development tools."""
 
-__version__ = "1.12.1"
+__version__ = "1.12.2"