Deploy production LangGraph agents on AWS Bedrock AgentCore. Use for (1) multi-agent systems with orchestrator and specialist agent patterns, (2) building stateful agents with persistent cross-session memory, (3) connecting external tools via AgentCore Gateway (MCP, Lambda, APIs), (4) managing shared context across distributed agents, or (5) deploying complex agent ecosystems via CLI with production observability and scaling.
Security Analysis
medium confidenceThe skill appears to be a coherent AWS AgentCore + LangGraph deployment guide, but it implicitly requires AWS credentials and command-line tools (aws, jq, pip) that are not declared — this mismatch and the ability to create/list AWS resources warrants caution.
The name/description match the provided content (deploying LangGraph agents on AWS AgentCore). However the packaged scripts and instructions rely on the AWS CLI, jq, and pip-installed Python packages to create and manage cloud resources. The skill metadata does not declare required binaries or credentials even though deploying/inspecting AgentCore resources requires AWS credentials and CLI tooling.
SKILL.md gives step-by-step install and deployment commands (pip installs, 'agentcore' CLI usage, gateway deploy, memory APIs) that will create and manage AWS resources and auto-inject env vars. The instructions reference environment variables (e.g., BEDROCK_AGENTCORE_MEMORY_ID) and show examples accessing os.getenv, but requires.env is empty — the runtime instructions therefore implicitly rely on cloud credentials/config and on local tools not declared in the manifest. The instructions do not instruct collection or exfiltration of unrelated local data, but they do direct the agent/operator to run commands that will enumerate and modify AWS resources (list-agent-runtimes, list-memories, create gateways, etc.).
There is no formal install spec (instruction-only), which is lower risk. SKILL.md instructs pip installs for known packages (bedrock-agentcore, langgraph and related toolkits) — these are standard package installs from PyPI and not downloads from arbitrary URLs. The one ambiguous command is `uv tool install bedrock-agentcore-starter-toolkit` (unclear which 'uv' tool is referenced); that should be clarified before automatic execution.
The skill declares no required environment variables or primary credential, yet the runtime examples and scripts clearly require AWS credentials (AWS_PROFILE or AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY), AWS_REGION, and expect the AWS CLI and jq to be available. It also references auto-injected variables (BEDROCK_AGENTCORE_MEMORY_ID, etc.) that will only exist after deployment. The mismatch between declared requirements and actual needed credentials/tools is disproportionate and meaningful.
always is false and the skill does not request permanent platform presence. The skill's files are instruction-and-script oriented and do not attempt to modify other skills or system-wide agent settings.
Guidance
This skill is largely what it claims (an AWS AgentCore + LangGraph deployment guide), but proceed carefully: - Expect to need the AWS CLI, jq, Python, and valid AWS credentials (profile or ACCESS_KEY/SECRET) to run the examples and scripts — those are not declared in the skill metadata. The scripts will list/create/inspect AgentCore resources, so they require IAM permissions (bedrock-agentcore-control actions, logs access). Review and limit IAM permissions before use. - The SKILL.md runs pip installs for third-party packages (bedrock-agentcore, langgraph, and checkpoint packages). If you plan to run these locally, validate package names and sources (PyPI) and consider using a virtualenv. - The ambiguous command `uv tool install ...` should be clarified; don't run unclear commands without understanding the tool they invoke. - Scripts call AWS APIs and CloudWatch logs (they will read/list resources). If you run them, do so in an isolated/test AWS account or with a least-privilege role to avoid accidental resource creation or data exposure. - If you need to allow this skill to run autonomously, be extra cautious: autonomous runs combined with cloud access increases blast radius. Because the manifest omits required credentials, that omission is a red flag — ask the publisher to explicitly list required binaries and environment variables (AWS credentials, region, jq, aws CLI) and confirm the provenance of the referenced Python packages before installing or granting access.
Latest Release
v1.0.2
From Foundry: Deploy production LangGraph agents on AWS Bedrock AgentCore. Use for (1) multi-a
More by @killerapp
Published by @killerapp on ClawHub
