crewAI/lib/cli
Rip&Tear 750684ca36 fix: enforce owner-only permissions on credential files
Credentials stored at rest were left world-readable on multi-user hosts:

- TokenManager._get_secure_storage_path() documented its credential dir as
  mode 0o700 but created it via mkdir() with default perms (0o755), leaving
  the Fernet secret.key and encrypted tokens.enc in a traversable dir.
- Settings.dump() persisted tool_repository_password (plaintext) to
  settings.json via open("w"), producing a 0o644 file, and created the
  config dir at 0o755 — despite the sibling token_manager already writing
  secrets atomically at 0o600.

Fixes:
- TokenManager: chmod the credential dir to 0o700 after mkdir (robust against
  umask and pre-existing dirs).
- Settings: write settings.json atomically at 0o600 (mkstemp + chmod +
  os.replace) and chmod the dedicated config dir to 0o700. The /tmp and cwd
  fallback parents are deliberately not chmod'd; the 0o600 file mode protects
  the credential there.

Adds regression tests asserting 0o600 files and 0o700 dirs, and that shared
fallback dirs are not globally tightened.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-19 14:23:30 +08:00
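The permission gap and the fix pattern named in the commit message above (mkstemp + chmod + os.replace, plus an explicit chmod on the directory), as an added example that is not crewAI's own code. The function names, the `example-config` directory and the sample password are constructed for illustration; POSIX permissions are assumed.

```python
import json
import os
import stat
import tempfile
from pathlib import Path

def secure_dir(path: Path) -> Path:
    # mkdir's mode argument is masked by umask and ignored for directories
    # that already exist, so tighten explicitly afterwards.
    path.mkdir(parents=True, exist_ok=True)
    os.chmod(path, 0o700)
    return path

def write_secret_atomic(target: Path, data: dict) -> None:
    # Temp file lives in the target's directory so os.replace stays on one filesystem.
    fd, tmp = tempfile.mkstemp(dir=target.parent, prefix=target.name + ".")
    try:
        with os.fdopen(fd, "w") as fh:
            os.fchmod(fh.fileno(), 0o600)  # owner-only before any secret is written
            json.dump(data, fh)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, target)  # swaps in the 0o600 inode, even over an old 0o644 file
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise

def mode_of(path: Path) -> int:
    return stat.S_IMODE(os.stat(path).st_mode)

def demo() -> dict:
    secret = {"tool_repository_password": "constructed-sample-value"}
    old_umask = os.umask(0o022)  # common default umask, pinned so the result is reproducible
    try:
        with tempfile.TemporaryDirectory() as root:
            cfg = Path(root) / "example-config"  # hypothetical dedicated config dir
            settings = cfg / "settings.json"
            cfg.mkdir()                          # default perms: 0o755 under this umask
            with open(settings, "w") as fh:      # plain open("w"): 0o644 under this umask
                json.dump(secret, fh)
            before = (mode_of(cfg), mode_of(settings))
            secure_dir(cfg)
            write_secret_atomic(settings, secret)
            after = (mode_of(cfg), mode_of(settings))
            return {"before": before, "after": after, "files": sorted(os.listdir(cfg))}
    finally:
        os.umask(old_umask)
```

`demo()` returns the directory and file modes before and after hardening, which is the same property a regression test for this fix would assert.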

crewai-cli

CLI for CrewAI — scaffold, run, deploy and manage AI agent crews without installing the full framework.

Installation

pip install crewai-cli

This pulls in crewai-core (shared utilities) but not the crewai framework itself, so commands that don't need a crew loaded — crewai version, crewai login, crewai org list, crewai config *, crewai traces *, crewai create, crewai template * — work standalone.

Commands that load a user's crew or flow (crewai run, crewai train, crewai test, crewai chat, crewai replay, crewai reset-memories, crewai deploy push, crewai tool publish) require crewai to be installed in the project's environment. They print a clear error if it is missing.

To install both at once:

pip install crewai[cli]