Bring Ai Guardrails
to CrewAI
Learn how to connect Pangea (Security APIs) to CrewAI and start using 40 AI agent tools in minutes. Fully managed, enterprise secure, and ready to use without writing a single line of code.
GDPR Free for SubscribersCompatible with every major AI agent and IDE
Gemini
What is the Pangea (Security APIs) MCP Server?
Integrate Pangea into your AI workflows to provide a robust security layer for LLM interactions and organizational data. This server provides a unified interface to Pangea's cloud-native security services.
Key Capabilities
- AI Security & Guarding — Use
ai_guard_textandai_guard_promptto detect prompt injections, PII, and malicious content before they reach your model or user. - Data Privacy — Automatically redact sensitive information from plain text or structured JSON objects using
redact_textandredact_structured. - Secure Auditing — Maintain a tamper-proof record of activities with
audit_logand perform natural language searches through your security history viaaudit_search. - Threat Intelligence — Check for embargoed locations with
embargo_ip_checkand scan files for threats withsanitize_file. - Identity & Access — Manage authentication flows, user sessions, and authorization tuples directly from your agent.
How it works
- Subscribe to this server
- Enter your Pangea Token and Domain from the Pangea Console
- Start securing your AI agents in Claude, Cursor, or any MCP-compatible client
Who is this for?
- Security Engineers — Automate audit log analysis and threat intelligence checks within your existing tools.
- AI Developers — Implement safety rails and PII redaction for LLM inputs and outputs without building custom middleware.
- Compliance Officers — Quickly search and verify audit trails using natural language queries.
Built-in capabilities (40)
Analyze and redact content in LLM inputs/outputs
Scan text for PII, malicious content, and prompt injections
Guard LLM chat completions with integrated logging and tracing
Create a single secure audit log entry
Create multiple secure audit log entries
Search the audit log using natural language queries
Paginate through audit search results
Finalize the flow and receive session tokens
Start a sign-up or sign-in flow
Update flow state (e.g., submit password, OTP)
List active user sessions
Invalidate sessions
Programmatically create a user
Check if a subject has permission for an action on a resource
List all resources a subject can access
Define relationships for AuthZ
Get WHOIS details for a domain
Check if an IP originates from an embargoed country
Check a 2-character ISO country code against embargo lists
Scan a file for malware
Retrieve reputation scores for domains, URLs, or file hashes
Retrieve location data for an IP
Detect if an IP is a proxy
Get reputation score and verdict for an IP
Detect if an IP is a VPN
Check if a password hash prefix appears in breach data
Redact specific fields in a JSON object using JSONPath
Redact sensitive data from plain text
Apply sanitization rules to a file and receive a cleaned version
Delete files or folders
Create folders in Secure Share
Download a file or retrieve metadata
List objects in a bucket or folder with filtering
Decrypt data previously redacted using FPE
Check if an email, phone, or username appears in known data breaches
Perform cryptographic decryption
Perform cryptographic encryption
Retrieve item details or secret values from Vault
Generate symmetric or asymmetric keys in Vault
Store a secret or token in Vault
Why CrewAI?
When paired with CrewAI, Pangea (Security APIs) becomes a first-class tool in your multi-agent workflows. Each agent in the crew can call Pangea (Security APIs) tools autonomously, one agent queries data, another analyzes results, a third compiles reports, all orchestrated through Vinkius with zero configuration overhead.
- —
Multi-agent collaboration lets you decompose complex workflows into specialized roles, one agent researches, another analyzes, a third generates reports, each with access to MCP tools
- —
CrewAI's native MCP integration requires zero adapter code: pass Vinkius Edge URL directly in the
mcpsparameter and agents auto-discover every available tool at runtime - —
Built-in task delegation and shared memory mean agents can pass context between steps without manual state management, enabling multi-hop reasoning across tool calls
- —
Sequential and hierarchical crew patterns map naturally to real-world workflows: enumerate subdomains → analyze DNS history → check WHOIS records → compile findings into actionable reports
Pangea (Security APIs) in CrewAI
Pangea (Security APIs) and 4,000+ other MCP servers. One platform. One governance layer.
Teams that connect Pangea (Security APIs) to CrewAI through Vinkius don't need to source, host, or maintain individual MCP servers. Every tool call runs inside a hardened runtime with credential isolation, DLP, and a signed audit chain.
Raw MCP | Vinkius | |
|---|---|---|
| Server catalog | Find and host yourself | 4,000+ managed |
| Infrastructure | Self-hosted | Sandboxed V8 isolates |
| Credential handling | Plaintext in config | Vault + runtime injection |
| Data loss prevention | None | Configurable DLP policies |
| Kill switch | None | Global instant shutdown |
| Financial circuit breakers | None | Per-server limits + alerts |
| Audit trail | None | Ed25519 signed logs |
| SIEM log streaming | None | Splunk, Datadog, Webhook |
| Honeytokens | None | Canary alerts on leak |
| Custom domains | Not applicable | DNS challenge verified |
| GDPR compliance | Manual effort | Automated purge + export |
Why teams choose Vinkius for Pangea (Security APIs) in CrewAI
The Pangea (Security APIs) MCP Server runs on Vinkius-managed infrastructure inside AWS — a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts. All 40 tools execute in hardened sandboxes optimized for native MCP execution.
Your AI agents in CrewAI only access the data you authorize, with DLP that blocks sensitive information from ever reaching the model, kill switch for instant shutdown, and up to 60% token savings. Enterprise-grade infrastructure, zero maintenance.
* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure
How Vinkius secures
Pangea (Security APIs) for CrewAI
Every tool call from CrewAI to the Pangea (Security APIs) MCP Server is protected by DLP redaction, cryptographic audit chains, V8 sandbox isolation, kill switch, and financial circuit breakers.
Frequently asked questions
How can I protect my LLM from prompt injections or malicious content?
You can use the ai_guard_prompt tool to analyze LLM messages. It scans for prompt injections, PII, and other security risks, providing a safety score and redaction suggestions before the data is processed.
Can I search through my security logs using natural language?
Yes! The audit_search tool allows you to query your secure audit logs using natural language or structured queries, making it easy to find specific events without complex SQL.
How do I automatically redact PII from a block of text?
Use the redact_text tool. Simply provide the text, and Pangea will identify and mask sensitive information like emails, phone numbers, and names based on your configured rules.
How does CrewAI discover and connect to MCP tools?
CrewAI connects to MCP servers lazily. when the crew starts, each agent resolves its MCP URLs and fetches the tool catalog via the standard tools/list method. This means tools are always fresh and reflect the server's current capabilities. No tool schemas need to be hardcoded.
Can different agents in the same crew use different MCP servers?
Yes. Each agent has its own mcps list, so you can assign specific servers to specific roles. For example, a reconnaissance agent might use a domain intelligence server while an analysis agent uses a vulnerability database server.
What happens when an MCP tool call fails during a crew run?
CrewAI wraps tool failures as context for the agent. The LLM receives the error message and can decide to retry with different parameters, fall back to a different tool, or mark the task as partially complete. This resilience is critical for production workflows.
Can CrewAI agents call multiple MCP tools in parallel?
CrewAI agents execute tool calls sequentially within a single reasoning step. However, you can run multiple agents in parallel using process=Process.parallel, each calling different MCP tools concurrently. This is ideal for workflows where separate data sources need to be queried simultaneously.
Can I run CrewAI crews on a schedule (cron)?
Yes. CrewAI crews are standard Python scripts, so you can invoke them via cron, Airflow, Celery, or any task scheduler. The crew.kickoff() method runs synchronously by default, making it straightforward to integrate into existing pipelines.
MCP tools not discovered
Ensure the Edge URL is correct. CrewAI connects lazily when the crew starts. check console output.
Agent not using tools
Make the task description specific. Instead of "do something", say "Use the available tools to list contacts".
Timeout errors
CrewAI has a 10s connection timeout by default. Ensure your network can reach the Edge URL.
Rate limiting or 429 errors
Vinkius enforces per-token rate limits. Check your subscription tier and request quota in the dashboard. Upgrade if you need higher throughput.
Explore More MCP Servers
View all →
Elai AI Video
10 toolsEquip your AI agent to generate AI videos, manage avatars, and track rendering status via the Elai.io API.
Spendesk
9 toolsEmpower your AI with real-time spend management. Track budgets, audit invoices, and review expense claims directly from your IDE.
Monday.com
12 toolsManage any workflow visually with customizable boards, automations, and dashboards that adapt to how your team actually works.
DeepL
9 toolsTranslate and audit text — manage multilingual communication via AI.