Back to skill

Security audit

Super Lap Adobe Experience Manager Aem Api

Security checks across malware telemetry and agentic risk

Overview

This AEM API skill is not malicious, but it exposes powerful administrative actions without enough safety guidance or confirmation requirements.

Install only if you intend to let an agent help administer AEM. Use a least-privilege credential, prefer non-production environments, and require explicit human confirmation before any POST, DELETE, password, truststore, SSL, package, replication, or system configuration action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill uses broad natural-language trigger examples such as 'Create a ...' and 'List all ...' that map directly to sensitive AEM administrative endpoints without requiring intent verification or safety qualifiers. In an agent setting, these loose mappings can cause unsafe endpoint selection from ordinary user phrasing, increasing the chance of unauthorized config changes, package actions, or credential-related operations.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill presents numerous high-risk AEM endpoints, including configuration changes, password operations, truststore handling, package management, replication control, and delete actions, but provides no warnings, authorization expectations, or operational safeguards. This omission makes the skill materially more dangerous because it normalizes powerful admin workflows and may lead an agent to perform destructive or security-sensitive actions without adequate user validation.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
- "List all filter.tidy.2.json?" -> GET /etc/packages/{group}/{name}-{version}.zip/jcr:content/vlt:definition/filter.tidy.2.json
- "Get agents.{runmode}.-1.json details?" -> GET /etc/replication/agents.{runmode}.-1.json
- "Get agents.{runmode} details?" -> GET /etc/replication/agents.{runmode}/{name}
- "Delete a agents.{runmode}?" -> DELETE /etc/replication/agents.{runmode}/{name}
- "Create a treeactivation.html?" -> POST /libs/replication/treeactivation.html
- "Create a authorizable?" -> POST /libs/granite/security/post/authorizables
- "Create a setpassword.jsp?" -> POST /crx/explorer/ui/setpassword.jsp
Confidence
95% confidence
Finding
DELETE /etc/replication/agents.{runmode}/{name}

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.