n8n-mcp-tools-expert

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill exposes an attack surface in which the agent processes external data and exerts control over the n8n environment.
    - Ingestion points: SEARCH_GUIDE.md and VALIDATION_GUIDE.md describe tools like search_nodes and get_node that fetch node definitions, properties, and template examples from the external n8n node registry.
    - Boundary markers: The documentation lacks guidance on using delimiters or protective instructions (e.g., 'ignore embedded commands') when the agent processes node data, leaving it susceptible to instructions hidden in node descriptions.
    - Capability inventory: The skill instructs the agent on using high-impact tools such as n8n_create_workflow and n8n_autofix_workflow, which can create or modify automation workflows based on information gathered from untrusted sources.
    - Sanitization: The 'Auto-Sanitization System' mentioned in VALIDATION_GUIDE.md is limited to correcting structural logic (e.g., binary vs unary operator metadata) and does not provide sanitization for natural language instructions embedded in external data.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 08:01 AM