n8n-mcp-tools-expert
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of documentation in Markdown format and does not include any executable scripts, binary files, or hardcoded credentials.
- [PROMPT_INJECTION]: The skill identifies a surface for Indirect Prompt Injection. It documents tools that fetch external data which could influence agent behavior.
  - Ingestion points: The tools search_templates and get_template retrieve user-generated content from the external n8n template library (referenced in SKILL.md).
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are provided in the guidance for processing external templates.
  - Capability inventory: The skill describes high-privilege operations such as n8n_create_workflow and n8n_update_partial_workflow (documented in SKILL.md) which allow the modification of workflow logic and execution of code nodes.
  - Sanitization: While the guide mentions an internal 'Auto-sanitization system' for node structural integrity, there is no mention of sanitization or validation for natural language instructions or scripts contained within external templates.
Audit Metadata