cli-anything-n8n
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
cli-anything-n8nPython package via pip. This is a tool provided by the author (HKUDS) to interact with the n8n API. - [COMMAND_EXECUTION]: Provides a CLI harness for executing various operations on an n8n instance, such as workflow creation, updates, and execution management.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external sources (n8n API responses and local JSON files).
- Ingestion points: Data enters the agent's context through n8n API responses (e.g., listing workflows or getting execution details) and local files provided via the
@file.jsonsyntax. - Boundary markers: No specific boundary markers or 'ignore' instructions for embedded data are defined in the skill documentation.
- Capability inventory: The skill allows for significant interaction with the n8n platform, including workflow modification and execution deletion.
- Sanitization: The documentation does not specify any sanitization or validation performed on the retrieved data before it is processed by the agent.
Audit Metadata