andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-05-08 02:29:00 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
909ebd869bcb8284bfe71b524074cbf809169741
crewAI/lib/crewai/tests/mcp
History
Devin AI 909ebd869b feat: add MCP security layer for message signing, tool integrity, and replay protection 
Addresses issue #4875 - MCP tool calling has no per-message authentication
or integrity verification.

Adds:
- MCPSecurityConfig: Pydantic model for security settings (agent identity,
  key pairs, Trust Authority keys, signing/verification toggles)
- MCPSecurityManager: Stateful manager handling ECDSA P-256 key generation,
  agent passport creation/signing, message signing/verification, tool
  integrity checks, and nonce-based replay protection
- Integration into MCPClient, MCPToolResolver, and all config models
  (MCPServerStdio, MCPServerHTTP, MCPServerSSE)
- 30 comprehensive tests covering all security features and graceful
  degradation when mcp-secure is not installed

Uses the mcp-secure library (optional dependency) which implements the
IETF draft-sharif-mcps-secure-mcp specification.

Co-Authored-By: João <joao@crewai.com>
2026-03-14 17:47:51 +00:00
..
__init__.py
Lorenze/feat mcp first class support (#3850)
2025-11-06 17:45:16 -08:00
test_amp_mcp.py
Addressing MCP tools resolutions & eliminates all shared mutable connection (#4792)
2026-03-10 14:00:40 -04:00
test_mcp_config.py
Addressing MCP tools resolutions & eliminates all shared mutable connection (#4792)
2026-03-10 14:00:40 -04:00
test_mcp_security.py
feat: add MCP security layer for message signing, tool integrity, and replay protection
2026-03-14 17:47:51 +00:00
test_sse_transport.py
fix: remove invalid param from sse client (#3980)
2025-11-26 21:37:55 -08:00