docs: cover payments, policies/guardrails, insights, harness, datasets, web-search#1577
Merged
Merged
Conversation
…s, web-search The README and the vended AGENTS.md (copied into every agentcore create project as the AI-assistant context file) had grown stale relative to the feature surface. Several capabilities had docs in docs/ but no mention in the README, and the AGENTS.md customers see still listed only the original handful of resource types. README.md - Broaden 'add'/'remove' descriptions to enumerate the actual resource types (15+ now, was 'agents, memory, credentials, evaluators, targets') - Add command-table sections: Knowledge Bases, Insights ([preview]), Harness, Policies & Guardrails, Payments, Datasets, Web Search Gateway Targets — each linking to docs/ where one already exists - Refresh Capabilities to list the actual feature set - Group Documentation links into Reference / Resources & features / Evaluation & quality / Operations and add the missing entries (payments, container-builds, transaction_search, telemetry, tui-harness, PERMISSIONS, TESTING) src/assets/agents/AGENTS.md - AgentCoreProjectSpec resource list now reflects every top-level array in the schema (was missing onlineInsightsConfigs, knowledgeBases, harnesses, policyEngines, policies, payments, configBundles, datasets, runtimeEndpoints) - Key Types covers the new resource shapes - Common Enum Values adds PaymentProvider, PolicyEnforcementMode, GuardrailContentFilter (the spelled-out 'INSULTS' enum so AI assistants emit the canonical name) - CLI Commands replaced with grouped tables (lifecycle / resources / jobs / config bundles & datasets / observability / utilities) so the customer-vended file matches what the CLI actually exposes
This was referenced Jun 18, 2026
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
github-actions
Bot
added
the
agentcore-harness-reviewing
Contributor
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
Contributor
Package TarballHow to installgh release download pr-1577-tarball --repo aws/agentcore-cli --pattern "*.tgz" --dir /tmp/pr-tarball
npm install -g /tmp/pr-tarball/aws-agentcore-0.20.1.tgz |
github-actions
Bot
removed
the
agentcore-harness-reviewing
avi-alpert
reviewed
Jun 18, 2026
…@preview Per Avi's review on PR aws#1577 — harness commands are only registered in preview builds (registry.ts:26 gates HarnessPrimitive on isPreviewEnabled()), so a GA-tarball user reading the main README would hit 'unknown command' if they tried any of the harness commands. Add a [preview] tag to the section header and a one-line install hint.
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
Contributor
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
avi-alpert
reviewed
Jun 18, 2026
avi-alpert
requested changes
Jun 18, 2026
Avi spotted that 'add harness --tool' and 'add harness --skill' are
wrong: tool and skill are top-level subcommands under add, not flags
on add harness. Verified against src/cli/cli.ts:137-139
(registerAddTool/registerAddSkill) and src/cli/commands/add/{tool,skill}-command.ts.
Real shape: 'agentcore add tool --harness <name> --type <type>' and
'agentcore add skill --harness <name> --path|--s3|--git'. Also clarified
'add harness' is just runtime + model + memory — tools and skills get
added separately afterward.
Audited every other command row in the README against the source while
in here. Everything else (config-bundle aliases, run/view/pause/resume/
stop/promote/archive subcommands, evals history, online-eval/insights
pairs, payment commands, policy-engine/policy, knowledge-base, dataset
subcommands, web-search via gateway-target connector) matches what the
CLI actually exposes.
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
avi-alpert
reviewed
Jun 18, 2026
Contributor
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
Two more mismatches found while addressing Avi's review of PR aws#1577: - 'agentcore run ingest' in the vended AGENTS.md said 'Ingest dataset rows for evaluation' but the actual command is for knowledge base ingestion. Source description (run/command.tsx:657) is 'Start a fresh ingestion job for every data source on a deployed knowledge base.' — --name <name> validates against project.knowledgeBases. Updated the AGENTS.md row + regenerated the snapshot. - Payments commands carry [preview] tags in source (PaymentManagerPrimitive.ts:325, PaymentConnectorPrimitive.ts:317 and the matching remove counterparts) but the README's Payments section had no preview tag. Added [preview] to the section header + 'npm install -g @aws/agentcore@preview' install hint, mirroring what we did for Harness. Audited every other command's .description() text in source vs my README/AGENTS.md rows; nothing else mismatched. The remaining feature sections (Knowledge Bases, Policies & Guardrails, Datasets, Config Bundles, A/B Tests, Evaluations) are not preview-gated in source.
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
Contributor
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
aidandaly24
approved these changes
Jun 18, 2026
avi-alpert
reviewed
Jun 18, 2026
Per maintainer guidance, Payments is available in both GA and preview releases — only Harness is preview-only. The [preview] prefix in the PaymentManager/PaymentConnector source descriptions is just a label hint for the help text, not a build-gating indicator. Drop the tag and the install hint from the README's Payments section.
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
Contributor
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
avi-alpert
approved these changes
Jun 18, 2026
aidandaly24
approved these changes
Jun 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
Two customer-facing docs had drifted from the actual feature surface:
add/removedescriptions, and several features that already haddocs/*.mdfiles (payments, knowledge bases, container builds, transaction search, telemetry, tui-harness) weren't surfaced anywhere in the README.src/assets/agents/AGENTS.md— the AI-assistant context file we vend into everyagentcore createproject. ItsAgentCoreProjectSpecresource list was missing 9+ top-level arrays that customers can edit (onlineInsightsConfigs,knowledgeBases,harnesses,policyEngines,policies,payments,configBundles,datasets,runtimeEndpoints), so AI assistants pointed at the file would happily fabricate the wrong shapes when asked to add those resources.What changed
README.mdadd/removedescriptions broaden from "agents, memory, credentials, evaluators, targets" to the full 15+ resource typesdocs/files:[preview](run insights,add online-insights,pause/resume online-insights,view insights,archive insights)add harness+export harness, with theEXPORT_NOTES.mdreminder)add policy-engine,add policy— including the canonical Bedrock content-filter enum:VIOLENCE | HATE | SEXUAL | MISCONDUCT | INSULTS)add payment-manager,add payment-connector)add dataset,dataset download/publish-version/remove-version)src/assets/agents/AGENTS.md(vended to every customer project)PaymentProvider,PolicyEnforcementMode,GuardrailContentFilter— the spelled-outINSULTSenum so AI assistants emit the canonical name (issue TUI/CLI acceptsINSULTas a contentFilter value, fails CFN deploy with ValidationException #1571 was a manifestation of the wrong-spelling problem)Snapshot
src/assets/__tests__/__snapshots__/assets.snapshot.test.ts.snapupdated vianpm run test:update-snapshotsper the convention inAGENTS.md.Out of scope (filed as follow-ups)
The features without their own
docs/*.mdfile get a brief table-row treatment in the README but no dedicated guide. Worth filing as separate issues:docs/insights.mddocs/harness.mddocs/policies.mddocs/datasets.mdThe internal contributor
AGENTS.md(/AGENTS.mdat repo root) is also slightly stale on the primitives list andrun/view/archive/stop/promotecommands — left for a separate PR since it's not customer-facing.Verification
npm run typecheck✅npm run test:unit✅ (5396/5396, snapshot updated)npm run test:update-snapshots✅npx prettier --check✅