n8n-code-python
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to bypass safety filters or override agent constraints were found. The instructional content is strictly focused on technical guidance for n8n.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file paths were detected. The skill explicitly notes that external libraries like 'requests' are unavailable, preventing network-based exfiltration from within the code node context.
- Unverifiable Dependencies (SAFE): The skill repeatedly warns users that external packages cannot be installed or used, promoting the use of the standard library and built-in n8n nodes instead.
- Indirect Prompt Injection (LOW): As a data-processing skill, it naturally handles untrusted input.
  - Ingestion points: Untrusted data enters via `_input.all()` and `_input.first()` as described in README.md.
  - Boundary markers: No explicit instructions for delimiting untrusted data are provided.
  - Capability inventory: The skill utilizes the Python standard library (re, json, hashlib) for processing.
  - Sanitization: While it provides patterns for safe dictionary access (e.g., `.get()`), it does not specifically address input sanitization for security purposes.
Audit Metadata