n8n-hub
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The skill utilizes standard
curlcommands to interact with the n8n API. There are no signs of malicious command injection, privilege escalation, or unsafe pipe-to-shell patterns. - [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets were detected. The skill correctly references environment variables (
N8N_API_KEY) for authentication and does not attempt to access sensitive local system files. - [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it is designed to ingest and process untrusted external data.
- Ingestion points:
SKILL.mdidentifies 'Existing workflow JSON' and 'Sample payloads' as optional inputs for the design and operation tracks. - Boundary markers: Absent. The instructions do not provide delimiters or warnings to the agent to disregard instructions potentially embedded within the input JSON.
- Capability inventory: The skill provides templates for executing
curlrequests that can modify workflows (/activate) or trigger external actions via webhooks. - Sanitization: Absent. No explicit validation or sanitization steps are defined for the incoming data payloads.
Audit Metadata