Open pjaol opened 1 month ago
https://github.com/crewAIInc/crewAI/blob/7306414de709d2fff07fe6aa5efd7fe3f99d3c38/src/crewai/telemetry/telemetry.py#L465
Non-optional telemetry data being collected by CrewAI includes base_url which is not a safe variable for private hosted LLM's
This data is collected as part of the _safe_llm_attributes in
without the share_crew attribute check.
Any and all URLs should be treated as secure data due to
Related to #266 #372 #241
This should be considered a high risk
Addressed on https://github.com/crewAIInc/crewAI/issues/1178#issuecomment-2319952760
joaomdmoura
commented
2 weeks ago
https://github.com/crewAIInc/crewAI/blob/7306414de709d2fff07fe6aa5efd7fe3f99d3c38/src/crewai/telemetry/telemetry.py#L465
Non-optional telemetry data being collected by CrewAI includes base_url which is not a safe variable for private hosted LLM's
This data is collected as part of the _safe_llm_attributes in
without the share_crew attribute check.
Any and all URLs should be treated as secure data due to
Related to #266 #372 #241
This should be considered a high risk