crewai - 💡(How to fix) Fix [FEATURE] Docs entry: VaaraCrewGovernance for runtime governance + hash-chained audit on tool calls

Feature Area

Integration with external tools

Is your feature request related to a an existing bug? Please link it here.

Related issues, no bug. Multiple recent threads on the same governance surface:

• #5888 ([FEATURE] Governance middleware hook for tool call authorization)
• #4877 ([FEATURE] GuardrailProvider interface for pre-tool-call authorization)
• #5789 ([FEATURE] Behavioral trust scoring for crew agent interactions)
• #5763 (Question: integration path for Agent Threat Rules detection in crewai/security)
• #5802 (Tool re-execution on task retry has no idempotency guard)

Describe the solution you'd like

A third-party-integrations docs entry naming Vaara (Apache-2.0) under CrewAI's docs/en/observability/ folder, or a sibling third-party-tools subfolder if observability is not the right home.

Vaara ships a VaaraCrewGovernance adapter at src/vaara/integrations/crewai.py that wraps a Crew so every agent action passes through scoring, policy gating, and a hash-chained audit chain before reaching the tool. The decision (ALLOW / DENY / ESCALATE) is recorded with the conformal risk interval and the agent's agent_id. The multi-agent shape maps directly to OWASP Agentic Top 10 ASI07 (Multi-Agent / Multi-System Threats) and ASI10, and to MIT AI Risk Repository v4 sub-domain 7.6 (Multi-Agent risks, n=53 entries).

Working integration recipe shape lives at https://github.com/vaaraio/vaara/tree/main/examples/. The crew-governance demo at examples/governance_demo.py walks through the adapter in use.

Describe alternatives you've considered

• Direct in-CrewAI hook (the on_tool_call proposed in #5888). Useful for simple cases. Vaara goes further by adding tamper-evident audit, conformal risk intervals, and human-in-loop escalation routing for EU AI Act Article 14 compliance.
• Tool-wrap-per-tool approach. Works but does not compose well across crews per #5888's own framing.
• Cloud guardrails (Bedrock, Azure Content Safety, GCP Model Armor) for content scanning. Different layer. Vaara integrates them as upstream signals into the same audit chain rather than substituting.

Additional context

• Vaara is acknowledged in the industry contributors of the IMDA Model AI Governance Framework for Agentic AI v1.5 (Singapore, 20 May 2026).
• AMD developer testimonial, May 2026.
• OpenSSF Best Practices Project 12612.
• Coverage map against the MIT AI Risk Repository v4: https://github.com/vaaraio/vaara/blob/main/docs/mit_ai_risk_repository_mapping.md

If maintainers say yes, I will open a docs PR. If no, no PR will follow.

Henri Sirkkavaara [email protected] https://github.com/vaaraio/vaara