Actually, since ASM, AFM, APM and GTM shares the same foundation most Indeni scripts actually works right of the box. Regretably my experience with ASM is limited but I imagine indeni checking if signatures are up to date, actually testing if the servers hosting the signatures is reachable or if there’s undesired combinations of staged/blocking/non-blocking signatures. Indeni could also warn the user if signatures has been in blocking mode for more than X days.
As for APM Indeni could potentially verify active directory connectivity or perhaps track license usage.
The above things are just me brainstorming.