qe-n8n-security-testing
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill contains comprehensive regex patterns designed to identify hardcoded secrets such as AWS keys, Slack tokens, and JWTs within n8n workflow exports. No actual credentials or sensitive keys are hardcoded within the skill itself.
- [COMMAND_EXECUTION]: Includes TypeScript snippets that use the
fetchAPI to perform security probing of webhooks. These network operations are limited to diagnostic payloads intended to verify authentication enforcement and input sanitization. - [PROMPT_INJECTION]: Employs standard instructional blocks and checklists to guide the AI agent through a security audit. The language is focused on task execution and does not contain attempts to bypass safety filters or override system constraints.
Audit Metadata