skills/adobe/skills/aem-cli/Gen Agent Trust Hub

aem-cli

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the @adobe/aem-cli package from the official NPM registry and references the helix-importer-ui repository on GitHub. These are legitimate development tools provided by the vendor.
  • [COMMAND_EXECUTION]: The skill provides a comprehensive set of shell commands for operating the AEM CLI, including starting the local development server (aem up), the import server (aem import), and managing content synchronization (aem content). It also utilizes standard utilities such as curl, mkcert, and openssl for certificate management.
  • [DATA_EXFILTRATION]: The instructions describe how to read an OAuth access token from a local configuration file (.hlx/.da-token.json) and use it to authenticate curl POST requests to the vendor's admin.da.live service. This activity is a documented part of the skill's primary function for synchronizing local content with the remote platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:30 PM
Security Audit — agent-trust-hub — aem-cli