This skill is not clearly malicious, but it requests powerful n8n API access while its promised safety controls are mostly guidance rather than enforced protections.
Install only if you are comfortable giving an agent an n8n API key that can affect your workflows. Use a least-privilege n8n key, avoid full mode for production, do not store the API key in shell startup files or plaintext Git credential storage, and treat the advertised confirmations, rate limits, permission modes, and audit logging as guidance unless you independently enforce them. Do not follow the public publishing steps without reviewing files and commit history for secrets first.