N8n Dispatch
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: n8n-dispatch Version: 1.0.0 The skill is designed to forward user input to a user-configured external n8n service, which inherently involves network communication. However, the `commands.yaml` script constructs a JSON payload by directly embedding the user-provided `text` argument (`$prompt`) into a shell string without proper JSON escaping. This vulnerability could allow a malicious user to craft a `prompt` that alters the JSON structure sent to the n8n service (JSON injection), potentially leading to unexpected behavior or security bypasses on the downstream service. While not a direct attack on the OpenClaw agent's host, it represents a risky handling of user input.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the configured n8n workflow performs actions, a dispatch can trigger real workflow or device changes; malformed or unusual prompt text may also confuse the downstream payload parser.
The command forwards user-controlled request type and prompt text to the n8n MCP service. This is the skill's purpose, but action workflows should be scoped, and manual JSON construction can be brittle if prompts contain special characters.
type=$(arguments requestType)
prompt=$(arguments text)
payload="{\"requestType\":\"$type\", \"text\":\"$prompt\"}"
openclaw mcporter call --name "n8n_dispatch" --payload "$payload"Use this only with a trusted, scoped n8n_dispatch workflow; validate requestType and prompt handling in the workflow, and add confirmation or guardrails for action requests.
Prompt contents may leave OpenClaw and be processed by the configured n8n service; if HTTP is used over an untrusted network, that traffic may not be encrypted.
The skill relies on a configured MCP/n8n endpoint and the documented example uses an HTTP URL. Prompts are intentionally sent to that service.
openclaw mcporter add \ --name "n8n_dispatch" \ --url "http://your-n8n-host:8080/api"
Register only a trusted endpoint, prefer localhost/private-network access or HTTPS where possible, and avoid sending sensitive prompts unless the n8n service is intended to receive them.