n8n-node-configuration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No override markers, role-play injections, or instructions to disregard safety guidelines were detected. The language is purely instructional and descriptive of the skill's purpose.
- [DATA_EXPOSURE_AND_EXFILTRATION] (SAFE): No hardcoded credentials, API keys, or sensitive file paths (e.g., .ssh, .aws) are present. The examples provided use generic placeholders and standard API endpoints for demonstration purposes.
- [OBFUSCATION] (SAFE): The content is clear and readable. No Base64 encoding, zero-width characters, or homoglyphs were used to hide malicious intent.
- [UNVERIFIABLE_DEPENDENCIES] (SAFE): No external package installation commands (npm, pip) or remote script executions (curl | bash) were found in the provided file.
- [PRIVILEGE_ESCALATION] (SAFE): There are no attempts to acquire elevated permissions or modify system configurations.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill guides the processing of node metadata, it does not create a surface for untrusted data to bypass agent constraints. It explicitly mentions 'SQL parameterized queries (injection prevention)' as a key insight for users.
Audit Metadata