ClawHub

n8n Workflow Management

v0.1.0

Manage n8n workflows and automations via API. Use when working with n8n workflows, executions, or automation tasks - listing workflows, activating/deactivati...

0· 43·0 current·0 all-time
by@droidhackzor
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (n8n workflow management) matches the requested env vars (N8N_API_KEY, N8N_BASE_URL) and the included Python scripts that implement an n8n API client, tester, and optimizer. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md limits actions to listing, creating, activating/deactivating, testing, and executing workflows via the n8n API. It also instructs running bundled Python scripts. Important behavior: 'dry-run' and 'execute' operations will actually trigger workflows on your n8n instance, which can cause external side-effects (HTTP requests, database operations, emails, etc.) depending on the workflow. That behavior is expected for this skill but is a runtime safety consideration.
Install Mechanism
There is no install spec (instruction-only), which minimizes supply-chain risk. However, the package includes Python scripts that assume a Python 3 runtime and the 'requests' library; the SKILL.md does not include explicit dependency installation instructions. The code will run locally if the agent or user executes the scripts.
Credentials
Only N8N_API_KEY and N8N_BASE_URL are required and they are appropriate for an n8n API client. The SKILL.md warns about secret storage. No unrelated SECRET/TOKEN env vars are requested.
Persistence & Privilege
always is false and model invocation is enabled (the platform default). The SKILL.md recommends adding credentials to the OpenClaw settings.json (persistence in a centralized config). That is normal but means secrets may be stored in the agent settings file if the user follows the example — the user should ensure that file is protected or use a secret manager.
Assessment
This skill appears to do what it says: it interacts with your n8n instance using N8N_API_KEY and N8N_BASE_URL and provides scripts for listing, validating, testing, executing, and optimizing workflows. Before installing or running it: - Verify you trust the source and inspect the included Python scripts (they are present and readable) before running them. They use the n8n API only and do not contain hidden external endpoints. - Understand that 'execute' and 'dry-run' will trigger workflows on your n8n instance; those workflows may call external APIs, send emails, or touch databases depending on their nodes. Review any workflow content you create or execute to avoid unintended side-effects or data leaks. - Avoid pasting long-lived credentials in shell rc files. If you store the N8N_API_KEY in OpenClaw settings.json, ensure that file is stored securely or use a secret manager and least-privilege API key. - Ensure your environment has Python 3 and the 'requests' package available; the skill provides no automated installer for dependencies. If you need a lower blast radius, consider running validation and dry-run operations against a staging n8n instance or use a limited-permission API key.

Like a lobster shell, security has layers — review code before you run it.

latestvk978rc9jbmm6s6fbc1mhfpyrnd83y6e7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

⚙️ Clawdis
EnvN8N_API_KEY, N8N_BASE_URL
Primary envN8N_API_KEY

Comments