v1.0.0

n8n Hub

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:14 AM.

Analysis

This is a coherent n8n helper, but it documents broad n8n API actions that could change or delete workflows, users, credentials, projects, and data without clear confirmation limits.

Guidance: Install only if you intend to let the agent help operate your n8n instance. Use a least-privilege API key, avoid storing it in plaintext shared config files, and require explicit confirmation before any activate, deactivate, retry, delete, credential, user, project, or data-table operation.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
assets/endpoints-api.md
DELETE `/workflows/{id}` | Delete workflow; PATCH `/users/{id}/role` | Change user's global role; DELETE `/credentials/{id}` | Delete credential; DELETE `/projects/{projectId}` | Delete project

The endpoint index exposes broad destructive and administrative API operations, not just workflow listing or debugging, and the artifacts do not add approval or scoping rules for these high-impact calls.

User impact: If the agent is given a capable n8n API key, mistaken or overbroad API use could delete or alter workflows, credentials, users, projects, or operational data.
Recommendation: Use this only with explicit user approval for every mutating action, restrict operations to named workflow IDs/projects, and avoid using admin-capable keys unless absolutely necessary.

Cascading Failures
Severity: Low | Confidence: High | Status: Note
SKILL.md
### Webhook trigger ... POST "$N8N_API_BASE_URL/../webhook/{webhook-path}" ... ### Executions: retry ... "$N8N_API_BASE_URL/executions/{id}/retry"

Retrying executions or triggering webhooks can cause connected n8n workflows to run again, potentially affecting downstream systems such as email, Drive, databases, or other integrations.

User impact: A wrong retry or webhook call could duplicate messages, records, files, or other workflow side effects.
Recommendation: Confirm the workflow, execution ID, payload, and expected side effects before triggering or retrying, and prefer test workflows or idempotent designs.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
metadata
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.

The provided artifacts have limited provenance, though the absence of code or install steps reduces executable supply-chain risk.

User impact: Users have less external context for trusting the publisher before providing an n8n API key.
Recommendation: Verify the publisher and review the instructions before installing or entering credentials.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Suggested environment variables (or store in `.n8n-api-config`): ... export N8N_API_KEY="your-api-key-here" ... All requests must include: X-N8N-API-KEY: $N8N_API_KEY

The skill depends on a delegated n8n API key. That is purpose-aligned for n8n operations, but it is sensitive authority and is not declared in the registry credential metadata.

User impact: Anyone or any agent process using this key may be able to act on the user's n8n instance according to that key's permissions.
Recommendation: Create the least-privileged n8n API key possible, keep it out of shared files, rotate it if exposed, and do not provide an owner/admin key unless the requested task truly requires it.