n8n workflow automation
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent instruction-only skill for designing n8n workflow JSON, with explicit safeguards around credentials, approval, and review before use.
This skill appears safe to install as an instruction-only workflow design helper. Before importing any generated n8n JSON, review the workflow’s destinations, credentials, logging fields, retry behavior, and activation state, and keep secrets out of the JSON.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user imports and activates a generated workflow in n8n, it may send emails, write rows, upload files, or call APIs depending on the requested design.
The skill can generate importable automation JSON. This is central to the stated purpose and requires explicit user request, but imported workflows should be reviewed before activation because they may automate actions in connected systems.
If explicitly requested: `workflow.json` (n8n importable JSON) + `runbook.md`
Review the generated workflow JSON, credentials, destinations, and activation settings in n8n before enabling it.
Generated workflows may store run details, errors, or failed records in Sheets, databases, or other review queues selected by the user.
The workflow designs intentionally include persistent logging and review queues. This supports auditability, but logs and error details can contain sensitive operational or payload data if not scoped carefully.
generate `run_id`, log start/end, store status row and error details
Limit logged fields to what is operationally necessary, avoid storing secrets or unnecessary personal data, and choose protected destinations for logs and review queues.