Files
crewAI/lib/crewai-files
Devin AI 614354df4c fix: replace insecure pickle deserialization with JSON serialization
Fixes #4746 - Security: Insecure Pickle Deserialization enables Arbitrary Code Execution

- Replace pickle.load/dump with json.load/dump in PickleHandler (file_handler.py)
- Add backward compatibility to auto-migrate legacy .pkl files to .json
- Replace PickleSerializer with JSON-based _CachedUploadSerializer in upload_cache.py
- Replace PickleSerializer with JsonSerializer in file_store.py and agent_card.py
- Update and add comprehensive security tests for all changes

Co-Authored-By: João <joao@crewai.com>
2026-03-06 15:19:49 +00:00
..

crewai-files

File handling utilities for CrewAI multimodal inputs.

Supported File Types

  • ImageFile - PNG, JPEG, GIF, WebP
  • PDFFile - PDF documents
  • TextFile - Plain text files
  • AudioFile - MP3, WAV, FLAC, OGG, M4A
  • VideoFile - MP4, WebM, MOV, AVI

Usage

from crewai_files import File, ImageFile, PDFFile

# Auto-detect file type
file = File(source="document.pdf")  # Resolves to PDFFile

# Or use specific types
image = ImageFile(source="chart.png")
pdf = PDFFile(source="report.pdf")

Passing Files to Crews

crew.kickoff(
    input_files={"chart": ImageFile(source="chart.png")}
)

Passing Files to Tasks

task = Task(
    description="Analyze the chart",
    expected_output="Analysis",
    agent=agent,
    input_files=[ImageFile(source="chart.png")],
)