Back to skill

Security audit

n8n API

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward n8n API helper, but it can change live workflows and other n8n resources when used with a powerful API key.

Install only if you want OpenClaw to help operate your n8n instance. Use a dedicated least-privileged API key, avoid storing it in plain text when possible, and explicitly review any production-changing action such as activating, deactivating, retrying, deleting, transferring, changing roles, or triggering production webhooks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documents activate/deactivate operations for workflows but does not warn that these actions change live automation state and can immediately disrupt or enable production behavior. In an agent-driven context, omission of this warning increases the chance of unintended service interruption or accidental activation of incomplete workflows.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The retry example can rerun workflow logic that may send messages, charge payments, modify records, or trigger downstream systems again, but the skill does not disclose that side effects may be repeated. In an automation platform skill, that omission is especially risky because retries are easy to invoke and often operate on previously failed real-world transactions.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.