Skills
skills/thinkfleetai/thinkfleet-engine/n8n-automation/Gen Agent Trust Hub

n8n-automation

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard CLI tools like curl and jq to interact with the n8n API and process results. While these are necessary for the skill's purpose, they involve executing shell commands based on user-provided environment variables.
  • [DATA_EXFILTRATION]: Network operations are conducted using curl to send and receive data from the n8n instance specified in N8N_API_URL. Users should ensure they only connect to trusted n8n instances as the API key is transmitted in the request headers.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it retrieves and processes external data from the n8n API that could be influenced by third parties.
  • Ingestion points: Content is ingested from n8n API endpoints such as /workflows and /executions as shown in SKILL.md.
  • Boundary markers: Absent. The instructions do not define delimiters or provide 'ignore instructions' warnings for data fetched from the API.
  • Capability inventory: The skill utilizes curl for network requests and jq for parsing structured data.
  • Sanitization: Absent. There are no explicit validation or sanitization steps mentioned to filter the external content before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 05:14 AM