n8n-cli

Fail

Audited by Snyk on Mar 22, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes commands that set or pass API keys and credential data directly on the command line or in flags (e.g., n8n-cli config set-api-key, --apiKey/-k, credential create --data='{"apiKey":"..."}'), which would require the agent to include secret values verbatim in generated commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The CLI explicitly reads workflow and execution JSON from a user-configured n8n instance (e.g., n8n-cli workflow get <id> --json against N8N_URL / https://my-instance.n8n.cloud), which can contain arbitrary user-generated/untrusted content that the agent is expected to interpret and that can materially influence subsequent actions (e.g., piping/updating workflows).

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 22, 2026, 09:56 AM
Issues: 2