n8n-code-javascript
Warn
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: MEDIUM (findings: PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): The skill instructions expose an indirect prompt injection surface: they describe how generated code should ingest untrusted data and perform network operations, without any accompanying security constraints.
- Ingestion points: The webhook body ($json.body) and the results of HTTP requests are the primary entry points for untrusted data into the generated scripts.
- Boundary markers: The skill provides no pattern for delimiting untrusted data (boundary markers) so that generated code logic keeps it separate from instructions.
- Capability inventory: The skill describes outbound network requests via $helpers.httpRequest and modification of persistent workflow state through $getWorkflowStaticData; these are the capabilities an injected instruction would have available to it.
- Sanitization: The skill mentions null checks to avoid runtime errors, but gives no guidance on validating, sanitizing or escaping external inputs before they are used in sensitive downstream operations such as outbound requests or state writes.
- [NO_CODE] (INFO): The analyzed file is documentation (README.md) and contains no executable code or scripts; it functions solely as instructional metadata for an AI agent.
Audit Metadata