aem-rde
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted data from an external environment while possessing destructive capabilities.
- Ingestion points: The skill uses commands like
aio aem rde logs,aio aem rde status, andaio aem rde historyto retrieve data (log entries, artifact metadata) from the remote AEM environment into the agent's context. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the skill to protect the agent from potential instructions contained within the logs or history it reads.
- Capability inventory: The skill has powerful capabilities, including
aio aem rde install(deploying code/config),aio aem rde delete, andaio aem rde reset(environment modification/deletion). - Sanitization: There is no evidence of sanitization or filtering of the content retrieved from logs before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of external components from the vendor and user-provided sources.
- Plugin installation: It instructs users to install the
@adobe/aio-cli-plugin-aem-rdeplugin. As a vendor-owned resource, this is documented neutrally. - Artifact deployment: The
aio aem rde installcommand supports deploying artifacts from public URLs (http/https). This is a core feature for managing RDEs and is consistent with the skill's purpose.
Audit Metadata