Skills
skills/n8n-io/n8n/n8n-cli/Gen Agent Trust Hub

n8n-cli

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the n8n-cli tool to perform administrative tasks, including workflow management, credential creation, and project operations.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates network communication with external n8n instances via the n8n-cli tool which acts as a REST API client.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from external n8n instances.
  • Ingestion points: n8n-cli workflow get, n8n-cli execution get, and various list commands in SKILL.md that fetch data from the instance.
  • Boundary markers: The instructions do not specify any delimiters or warnings to ignore embedded instructions in the fetched data.
  • Capability inventory: The agent has access to n8n-cli for system management, as well as Read and Write tools for local file system access.
  • Sanitization: No explicit sanitization, validation, or escaping of data retrieved from the API is implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 09:56 AM