n8n-workflow-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Analysis of Category 8 (Indirect Prompt Injection) reveals an ingestion surface via user-provided JSON and payloads. (1) Ingestion points: SKILL.md (Existing n8n workflow JSON, Sample payloads). (2) Boundary markers: Absent. (3) Capability inventory: No subprocess calls, exec/eval, or file-write capabilities are present in the provided files. (4) Sanitization: Absent.
- [SAFE] (SAFE): The skill provides strong security guidance, directing the agent to use environment variables for credentials and to avoid including secrets in generated JSON files.
- [NO_CODE] (SAFE): No executable scripts, binary files, or external code dependencies are included or referenced in the skill.
Audit Metadata