n8n-validation-expert
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill processes potentially untrusted n8n node configurations and validation error messages provided by the user or external systems during the validation loop. (Files: SKILL.md, ERROR_CATALOG.md)
- Boundary markers: There are no instructions defining the use of delimiters or security headers (e.g., 'ignore embedded instructions') when parsing external node data.
- Capability inventory: The skill enables the agent to use workflow-modifying tools, specifically n8n_update_partial_workflow and n8n_autofix_workflow (SKILL.md), which could be manipulated if an injection is successful.
- Sanitization: While the skill describes 'Auto-Sanitization' for the structural integrity of operators, it does not include sanitization or validation of the input content to prevent instruction-based prompt injection.