Product
This rule detects prompts sent to Amazon Bedrock AgentCore runtimes that attempt to harvest credentials or exfiltrate data by referencing cloud instance metadata services, explicit AWS access/secret keys, or combining prompt-injection/jailbreak language with intent to reveal secrets or send data to external endpoints, indicating an attempt to weaponize the agent for credential theft.