feat: AgentCore tool search plugin for Strands Agents#494
Open
senthilkumarmohan wants to merge 2 commits into
Open
feat: AgentCore tool search plugin for Strands Agents#494senthilkumarmohan wants to merge 2 commits into
senthilkumarmohan wants to merge 2 commits into
Conversation
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
notgitika
requested changes
May 27, 2026
Contributor
notgitika
left a comment
notgitika
left a comment
There was a problem hiding this comment.
thanks for contributing! added some comments
Comment on lines
+11
to
+16
| INTENT_SYSTEM_PROMPT = ( | ||
| "You are an intent classifier. Given the recent conversation messages, " | ||
| "produce a concise one-sentence description of what the user is trying to accomplish. " | ||
| "Focus on the type of task, not the specific details. " | ||
| "Reply with ONLY the intent description, nothing else." | ||
| ) |
Contributor
There was a problem hiding this comment.
could this be prone to user manipulation? like ignore all previous instructions and... is there a way we can validate that?
Author
There was a problem hiding this comment.
DefaultIntentProvider uses the agent's model (which can be configured with Bedrock Guardrails). Users can also pass a custom BedrockModel with guardrails attached via the constructor. Additionally, the intent classifier has a constrained system prompt, no tools, and only receives user-typed messages — so the worst case of prompt injection is a poor search query, not code execution or data leakage.
Open to recommendations if you think we should add additional hardening here.
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #494 +/- ##
=======================================
Coverage ? 89.47%
=======================================
Files ? 89
Lines ? 7745
Branches ? 1157
=======================================
Hits ? 6930
Misses ? 517
Partials ? 298
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
senthilkumarmohan
force-pushed
the
feat/agentcore-tool-search
branch
from
8165cda to
287ed95
Compare
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
senthilkumarmohan
requested a deployment
to
manual-approval
GitHub Actions
Waiting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of changes:
This pull request introduces the AgentCore Tool Search Plugin for Strands Agents, enabling dynamic semantic tool discovery from AgentCore Gateway based on conversation intent.
AgentCore Tool Search Plugin:
AgentCoreToolSearchPluginthat hooks intobefore_invocationto derive user intent from conversation history, search the gateway viax_amz_bedrock_agentcore_search, and dynamically register matching tools into the agent. (src/bedrock_agentcore/gateway/integrations/strands/plugins/agentcore_tool_search/plugin.py)IntentProviderabstract interface for pluggable intent derivation strategies. (src/bedrock_agentcore/gateway/integrations/strands/plugins/agentcore_tool_search/intent_providers/intent_provider.py)DefaultIntentProviderwhich uses an LLM to classify the last N messages into a concise intent string, with support for explicit model override or automatic reuse of the agent's model. (src/bedrock_agentcore/gateway/integrations/strands/plugins/agentcore_tool_search/intent_providers/default_intent_provider.py)Documentation and Examples:
src/bedrock_agentcore/gateway/integrations/strands/plugins/agentcore_tool_search/README.md)Testing and Validation:
tests/bedrock_agentcore/gateway/integrations/strands/test_agentcore_tool_search_plugin.py,tests/bedrock_agentcore/gateway/integrations/strands/test_intent_providers.py)tests_integ/gateway/integrations/test_agentcore_tool_search_plugin.py,tests_integ/gateway/integrations/lambda_function/lambda_function.py)By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.