n8n-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill retrieves and parses workflow and execution data directly from a user-specified n8n instance (e.g., SKILL.md calls to $N8N_API_URL/workflows and $N8N_API_URL/executions and the "Workflow Summary" / "Debug Failed Execution" steps), which can contain untrusted, user-generated JSON that the agent is expected to interpret and use to decide actions (summaries, fixes, activations), exposing it to indirect prompt-injection risk.