avp-protocol/crewai-avp

crewai-avp

CrewAI credential store integration for AVP
Secure agent credentials · Multi-agent support · Hardware security


Overview

crewai-avp provides AVP integration for CrewAI. Secure your multi-agent system's credentials with hardware-grade protection — each agent can have isolated credential access.

Installation

pip install crewai-avp

Quick Start

Before (insecure)

from crewai import Agent, Task, Crew
import os

# ❌ API keys in environment variables
researcher = Agent(
    role="Researcher",
    llm_config={"api_key": os.environ["OPENAI_API_KEY"]}
)

After (secure AVP)

from crewai import Agent, Task, Crew
from crewai_avp import AVPCredentialStore

# ✅ API keys in hardware-secured vault
credentials = AVPCredentialStore("avp.toml")

researcher = Agent(
    role="Researcher",
    llm_config={"api_key": credentials.get("openai_api_key")}
)

Per-Agent Credentials

Isolate credentials by agent role using AVP workspaces:

from crewai import Agent
from crewai_tools import SerperDevTool
from crewai_avp import AVPCredentialStore

# Each agent has its own workspace
researcher_creds = AVPCredentialStore("avp.toml", workspace="researcher")
writer_creds = AVPCredentialStore("avp.toml", workspace="writer")

researcher = Agent(
    role="Researcher",
    llm_config={"api_key": researcher_creds.get("api_key")},
    tools=[SerperDevTool(api_key=researcher_creds.get("serper_key"))]
)

writer = Agent(
    role="Writer",
    llm_config={"api_key": writer_creds.get("api_key")}
)

Tool Credentials

Secure tool API keys:

from crewai import Agent
from crewai_avp import AVPCredentialStore
from crewai_tools import SerperDevTool, ScrapeWebsiteTool

credentials = AVPCredentialStore("avp.toml")

# All tool credentials from AVP
tools = [
    SerperDevTool(api_key=credentials.get("serper_api_key")),
    ScrapeWebsiteTool(),
]

agent = Agent(
    role="Researcher",
    tools=tools,
    llm_config={"api_key": credentials.get("openai_api_key")}
)

Multi-Crew Setup

from crewai import Agent, Crew
from crewai_avp import AVPCredentialStore

# Production crew with hardware security
prod_creds = AVPCredentialStore("avp.toml", backend="hardware")

# Development crew with file backend
dev_creds = AVPCredentialStore("avp.toml", backend="file")

prod_crew = Crew(
    agents=[Agent(llm_config={"api_key": prod_creds.get("api_key")})],
    # ...
)

dev_crew = Crew(
    agents=[Agent(llm_config={"api_key": dev_creds.get("api_key")})],
    # ...
)

Backend Selection

from crewai_avp import AVPCredentialStore, Backend

# OS Keychain (recommended)
credentials = AVPCredentialStore(backend=Backend.KEYCHAIN)

# Hardware secure element (maximum security)
credentials = AVPCredentialStore(backend=Backend.HARDWARE)

# Remote vault (team environments)
credentials = AVPCredentialStore(
    backend=Backend.REMOTE,
    url="https://vault.company.com"
)

Migration

# Export existing credentials
# The export file holds plaintext secrets: create it readable by the owner only
(umask 077; env | grep -E "(API_KEY|SECRET)" > credentials.env)

# Import into AVP
avp import credentials.env --backend keychain

# Update code to use AVPCredentialStore
# Delete insecure credentials
rm credentials.env
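
An added example, not part of crewai-avp: a static check for the "Update code to use AVPCredentialStore" step that lists where Python source still reads secret-like names from the environment, reusing the name pattern from the grep above. The function names and the sample source are constructed for illustration.

```python
import ast
import re

SECRET_NAME = re.compile(r"(API_KEY|SECRET)")  # same pattern as the migration grep

def _is_os(node, attr):
    """True for the expression `os.<attr>`, e.g. os.environ or os.getenv."""
    return (isinstance(node, ast.Attribute) and node.attr == attr
            and isinstance(node.value, ast.Name) and node.value.id == "os")

def _env_key(node):
    """Name of the environment variable this node reads, else None (Python 3.9+ AST)."""
    if isinstance(node, ast.Subscript) and _is_os(node.value, "environ"):
        key = node.slice                                   # os.environ["NAME"]
    elif isinstance(node, ast.Call) and node.args and (
            _is_os(node.func, "getenv")                    # os.getenv("NAME")
            or (isinstance(node.func, ast.Attribute) and node.func.attr == "get"
                and _is_os(node.func.value, "environ"))):  # os.environ.get("NAME")
        key = node.args[0]
    else:
        return None
    if isinstance(key, ast.Constant) and isinstance(key.value, str):
        return key.value
    return None

def find_env_secret_reads(source):
    """Sorted (line, name) pairs for secret-like environment reads in source."""
    hits = set()
    for node in ast.walk(ast.parse(source)):
        name = _env_key(node)
        if name and SECRET_NAME.search(name):
            hits.add((node.lineno, name))
    return sorted(hits)

# Constructed sample modelled on the "Before (insecure)" snippet; it is only
# parsed, never executed, so crewai does not need to be installed.
SAMPLE = '''import os
researcher = Agent(
    role="Researcher",
    llm_config={"api_key": os.environ["OPENAI_API_KEY"]},
    tools=[SerperDevTool(api_key=os.getenv("SERPER_API_KEY"))],
)
log_level = os.environ.get("LOG_LEVEL", "info")
'''

if __name__ == "__main__":
    for line, name in find_env_secret_reads(SAMPLE):
        print(f"line {line}: {name} is read from the environment")
```

Only string-literal variable names are reported; reads that build the name at run time or alias `os` under another name need a manual review.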

Security Comparison

Method Infostealer Agent Isolation Host Compromise
Environment vars
.env file
AVP Keychain
AVP Hardware

Contributing

See CONTRIBUTING.md.

License

Apache 2.0 — see LICENSE.


AVP Specification · CrewAI
