View a markdown version of this page

Data protection for the AWS CLI - Agent Toolkit for AWS
No customer dataWhat the AWS CLI sendsTrust model for skillsSearch query privacy

Data protection for the AWS CLI

This topic describes data protection when you use the AWS CLI to discover and install AWS-vended agent skills (the aws configure agent-toolkit and aws agent-toolkit commands). These commands communicate with an unauthenticated, read-only endpoint over HTTPS. For data protection information about the AWS MCP Server (the authenticated component that executes AWS API calls on your behalf), see Data protection in AWS MCP Server.

No customer data

The AWS CLI does not send customer data when fetching or searching for skills. The endpoint has no concept of customer identity and persists no per-customer state.

What the AWS CLI sends

When you run aws configure agent-toolkit or an aws agent-toolkit command, the AWS CLI sends only the following data:

  • Skill identifiers (for example, via --skill-name or via --skill-version) or in case of the aws agent-toolkit search-skills command, a search query that you provide with --search-query on the command line.

  • Standard HTTP request metadata, such as the User-Agent header and your client's source IP address.

The AWS CLI does not send your AWS credentials, account information, or IAM principal when fetching skills. For more information, see IAM for the AWS CLI.

Trust model for skills

Skills fetched by the AWS CLI are AWS-vended content. Treat them the same as AWS-published guidance: they describe operations that an AI coding agent can perform on your behalf using your IAM credentials. The skill content itself does not carry AWS permissions — the agent uses your existing credentials to execute any operation it derives from a skill, so IAM remains the authoritative authorization control. To constrain what an agent can do, scope down the IAM role you use with the AWS MCP Server to the minimum permissions required for the task. For more information, see Identity and access management for AWS MCP Server.

Search query privacy

When you use commands such as aws agent-toolkit search-skills, the natural-language search query you provide (for example, "deploy a Lambda with environment variables") is sent to AWS over TLS and may appear in service operational logs.

Important

Do not include confidential or sensitive information in search queries. As with tags and other free-form text fields you submit to AWS services, treat search queries as potentially observable by AWS for operational purposes.