Skills
skills/aaaaqwq/claude-code-skills/n8n-workflow-automation/Gen Agent Trust Hub

n8n-workflow-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill is granted access to the Bash tool, which allows the execution of arbitrary shell commands on the host system, posing a risk of system compromise.
  • [DATA_EXFILTRATION] (MEDIUM): The skill utilizes Read, Write, and Edit tools, allowing for the potential exposure or modification of sensitive local files like configurations or credentials.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it processes external n8n workflow definitions. Evidence Chain: (1) Ingestion points: Workflow metadata via mcp__n8n-mcp__get_workflow_details. (2) Boundary markers: Absent from the skill definition. (3) Capability inventory: Bash, Write, Edit, and mcp__n8n-mcp__execute_workflow. (4) Sanitization: No sanitization or validation of retrieved workflow content is specified.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 05:22 PM