Above average — notable defaults or data retention policies worth reviewing before wider use. See .
⚠ The team behind this tool is not publicly identified — anonymous authorship is a significant trust risk.
Two critical-severity Docker API vulnerabilities patched in v0.8.0 and a litellm supply-chain hotfix in v0.8.6 are now resolved, but the Docker API ships without authentication by default — harden this before any shared or internet-facing deployment.
Score Summary
Claim Accuracy: 4/5
Data & Privacy: 4/5
Security Posture: 3/5
Transparency: 3/5
Key Findings
›Apache 2.0 license with a mandatory attribution clause — any public use or redistribution must display the Crawl4AI badge or equivalent text credit (source: https://github.com/unclecode/crawl4ai/blob/main/CHANGELOG.md, v0.5.0 entry).
›Two critical Docker API vulnerabilities were disclosed and patched in v0.8.0 (January 2026): a CVSS 10.0 unauthenticated Remote Code Execution via the hooks parameter (GHSA-5882-5rx9-xgxp) and a CVSS 8.6 Local File Inclusion via file:// URLs; both are fixed in v0.8.0 but require upgrade (source: https://github.com/unclecode/crawl4ai/security/advisories/GHSA-5882-5rx9-xgxp).
›A supply-chain security hotfix was released as v0.8.6 to replace the litellm dependency after the March 2026 PyPI compromise of litellm 1.82.7/1.82.8; users on v0.8.5 or earlier should upgrade immediately (source: https://github.com/unclecode/crawl4ai README).
›The Docker API JWT authentication mechanism is optional and not enforced by default; a community-reported GitHub issue (#1627) confirmed that the /token endpoint issues valid JWTs without a secret — this requires explicit configuration hardening before any shared deployment (source: https://github.com/unclecode/crawl4ai/issues/1627).
›The cloud-hosted API is in closed beta and not yet publicly available; all current production use must be via the self-hosted library or Docker image, meaning data privacy is entirely under the operator's control (source: https://github.com/unclecode/crawl4ai README).
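The JWT finding above is the one an operator can act on directly: if the API will issue or accept tokens without an operator-configured secret, any client can mint its own. The following is an added example, not Crawl4AI's own code, showing the server-side validation a hardened self-hosted deployment should perform before trusting a token: refuse to run with an empty secret, accept only HS256, check the HMAC with a constant-time comparison, and require an expiry. The `OPERATOR_SECRET` name and the sample tokens are constructed for the demonstration; nothing here reflects how the project's `/token` endpoint is actually implemented.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Hypothetical operator-configured secret. An empty string models the
# "no secret configured" state the finding describes.
OPERATOR_SECRET = "replace-with-a-long-random-secret"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, secret: str, alg: str = "HS256") -> str:
    """Build a compact JWT. Used here only to construct sample tokens,
    including the unsafe ones (empty secret, alg=none) a verifier must reject."""
    header = {"alg": alg, "typ": "JWT"}
    head_b64 = _b64url(json.dumps(header, separators=(",", ":")).encode())
    body_b64 = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{head_b64}.{body_b64}"
    if alg == "none":
        return signing_input + "."  # unsigned token: empty signature segment
    sig = hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_token(token: str, secret: str, now: Optional[float] = None) -> Tuple[bool, str]:
    """Return (accepted, reason). Fails closed on every condition that a
    'secret not configured' deployment would silently let through."""
    if not secret:
        return False, "no signing secret configured"
    parts = token.split(".")
    if len(parts) != 3:
        return False, "malformed token"
    head_b64, body_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(head_b64))
        claims = json.loads(_b64url_decode(body_b64))
    except ValueError:  # covers bad base64 and bad JSON
        return False, "undecodable header or claims"
    # Pin the algorithm: never let the token choose 'none' or a different scheme.
    if header.get("alg") != "HS256":
        return False, f"unsupported alg {header.get('alg')!r}"
    expected = hmac.new(secret.encode(), f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return False, "signature mismatch"
    exp = claims.get("exp")
    if exp is None:
        return False, "missing exp claim"
    current = now if now is not None else time.time()
    if current >= exp:
        return False, "token expired"
    return True, "ok"


if __name__ == "__main__":
    claims = {"sub": "crawler-client", "exp": 2_000_000_000}
    for label, tok, secret in [
        ("properly signed", mint_token(claims, OPERATOR_SECRET), OPERATOR_SECRET),
        ("minted with empty secret", mint_token(claims, ""), OPERATOR_SECRET),
        ("alg=none", mint_token(claims, OPERATOR_SECRET, alg="none"), OPERATOR_SECRET),
        ("server has no secret", mint_token(claims, ""), ""),
    ]:
        print(f"{label:28s} -> {verify_token(tok, secret)}")
```

The first check (`if not secret`) is the one that matters for the finding: a deployment that starts without a configured secret should refuse every token rather than validate against an empty key, because an empty key is exactly what a client can guess.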