n8n Hub

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent n8n API helper, but users should be careful because some documented actions can change live automations.

Install this only for agents you trust to operate your n8n instance. Use least-privilege n8n API keys, confirm whether the target is production or a sandbox before activating or deactivating workflows, and review failed executions before retrying them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill documents activate/deactivate workflow lifecycle actions without any warning that these operations can immediately change production behavior, stop automation, or publish unfinished flows. In an agent context, exposing state-changing API calls as 'quick actions' without confirmation or impact guidance increases the chance of unsafe or unintended operational changes.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The retry execution example lacks a warning that replaying a failed execution may repeat side effects such as emails, tickets, database writes, or webhook calls. Because the skill itself emphasizes reliability and idempotency, omitting duplicate-effect cautions makes unsafe retries more likely in real deployments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal