N8n Workflow Automation Litiao
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: n8n-workflow-automation-litiao Version: 1.0.0 The skill bundle is designed to assist in creating robust and auditable n8n workflows. It includes explicit safety instructions to avoid hardcoding secrets, maintain audit trails, and follow the principle of least privilege, with no evidence of malicious intent or risky code execution in SKILL.md or assets/runbook-template.md.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the generated workflow is imported and activated, it could send emails or write records to connected services according to the design.
The skill may design workflows that write to external systems, which is expected for n8n automation but should be reviewed before import or activation.
Targets: where to write results (email/Drive/Sheet/DB) and required fields.
Review generated workflow nodes, credentials, destination systems, and write actions before importing or enabling the workflow in n8n.
Generated workflows may require service credentials in n8n, so overly broad credentials could grant more access than needed.
The skill anticipates credentials or privileged access for generated workflows, but it instructs the agent to ask the user and avoid embedding secrets.
STOP AND ASK THE USER if: ... credential strategy (env vars) is not specified, - the workflow needs privileged access not yet approved.
Use least-privilege n8n credentials and environment variables, and approve any privileged access explicitly.
Logs and review queues may retain payload details, errors, or status information that could be sensitive depending on the workflow.
The generated workflow design includes persistent audit logging and error details, which is purpose-aligned but may store operational or sensitive data in user-selected locations.
generate `run_id`, log start/end, store status row and error details.
Limit logged fields, avoid storing secrets or unnecessary personal data, and choose secure destinations with appropriate retention rules.