n8n workflow automation
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: n8n-workflow-automation Version: 1.0.0 The skill is designed to generate n8n workflow JSON and a runbook. The `SKILL.md` file contains explicit and strong security instructions for the AI agent, including 'DO NOT USE WHEN… You need to bypass security controls or hide audit trails' and 'Do not include secrets in JSON; reference env vars/credential names only'. It also instructs the agent to 'STOP AND ASK THE USER if… credential strategy (env vars) is not specified, … the workflow needs privileged access not yet approved', and to 'Prefer least privilege'. These instructions actively mitigate prompt injection risks and prevent the generation of insecure or malicious outputs, aligning with a benign classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user imports and activates a generated workflow in n8n, it may send emails, write rows, upload files, or call APIs depending on the requested design.
The skill can generate importable automation JSON. This is central to the stated purpose and requires explicit user request, but imported workflows should be reviewed before activation because they may automate actions in connected systems.
If explicitly requested: `workflow.json` (n8n importable JSON) + `runbook.md`
Review the generated workflow JSON, credentials, destinations, and activation settings in n8n before enabling it.
Generated workflows may store run details, errors, or failed records in Sheets, databases, or other review queues selected by the user.
The workflow designs intentionally include persistent logging and review queues. This supports auditability, but logs and error details can contain sensitive operational or payload data if not scoped carefully.
generate `run_id`, log start/end, store status row and error details
Limit logged fields to what is operationally necessary, avoid storing secrets or unnecessary personal data, and choose protected destinations for logs and review queues.