n8n
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious instructions, obfuscation, or dangerous system commands were found in the skill or its reference files.
- [SAFE]: The skill demonstrates security awareness by explicitly instructing the agent to never expose raw UUIDs, secrets, or database schemas, effectively mitigating accidental data exposure.
- [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill processes external execution data from n8n. 1) Ingestion points: The analyzeSchema tool (SKILL.md) inspects state and labels JSONB from n8n events. 2) Boundary markers: Prompt instructions explicitly forbid showing raw payloads or secrets, acting as a logical constraint. 3) Capability inventory: The skill is restricted to data mapping and dashboard preview tools, with no evidence of file writing, network exfiltration, or shell execution. 4) Sanitization: The skill enforces field normalization and status mapping (SKILL.md, field-semantics.yaml) to ensure data is processed into a safe, expected format.
Audit Metadata