Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

N8n Operator

v1.4.0

Design, create, modify, activate, and manage workflows through the n8n REST API, for full serverless control of n8n automation flows.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill's name/description (n8n workflow operator) matches the included code and docs: the scripts and SKILL.md implement listing, creating, updating, activating, executing workflows and credential handling. However the registry metadata claims 'Required env vars: none' and 'Primary credential: none' while both SKILL.md and the Python scripts require N8N_BASE_URL and N8N_API_KEY. This mismatch is incoherent and should be fixed.
! Instruction Scope
SKILL.md gives detailed runtime instructions that are broadly consistent with the skill's purpose (validate connectivity, create/update/activate workflows, require X-N8N-API-KEY header). But SKILL.md explicitly documents n8n 2.x rules (e.g., 'PATCH not supported' and 'use POST /workflows/{id}/activate') while the shipped Python client uses PATCH for updates and activation endpoints (N8nClient.update_workflow/activate_workflow call PATCH to workflows/{id}). This conflict between docs and code can cause API errors or unintended behavior. The SKILL.md also includes a full-looking example API key string inline (example), which could be mistaken for a default credential.
Install Mechanism
There is no install spec (instruction-only in registry), but the package includes Python scripts and reference docs. No network-based installer or remote download was declared. Having files included is normal; no elevated install mechanism risk was found.
! Credentials
The scripts and SKILL.md legitimately require two environment variables (N8N_BASE_URL and N8N_API_KEY) and use an API key auth header. That is proportional to an n8n operator. The problem is the registry metadata fails to declare these env requirements, which is a notable inconsistency. Additionally, SKILL.md shows an explicit example API key value inline — users should not treat that as a default or paste real credentials into an example. No unrelated credentials appear requested in code.
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and does not request system-wide paths or privileges. It behaves as an external API client and runs only when invoked; persistence/privilege level appears appropriate.
What to consider before installing
This skill's functionality (managing n8n via REST API) is plausible, but before installing or providing credentials:
1) Do not supply production API keys until you confirm which environment variables the skill expects — registry metadata omits N8N_BASE_URL and N8N_API_KEY even though both the SKILL.md and scripts require them.
2) Verify the endpoint/method behavior: SKILL.md warns that n8n 2.x disallows PATCH and uses POST /workflows/{id}/activate, yet the included Python client uses PATCH for updates/activation — ask the author to clarify and correct either the docs or code.
3) Treat the example API key in SKILL.md as a placeholder only and never reuse it; rotate any key if you accidentally paste a real credential.
4) Test the skill in a sandboxed n8n instance (not production) to confirm it behaves as expected.
5) Prefer to get corrected metadata (declare required env vars) and a statement from the publisher about compatibility with your n8n version before granting access to sensitive credentials.

Like a lobster shell, security has layers — review code before you run it.
