ClawHub

n8n workflow automation

Designs and outputs n8n workflow JSON with robust triggers, idempotency, error handling, logging, retries, and human-in-the-loop review queues. Use when you need an auditable automation that won’t silently fail.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
94 · 19.4k · 184 current installs · 189 all-time installs
by@KOwl64
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (create auditable n8n workflows) matches the contents: SKILL.md describes workflow design steps, idempotency, logging, review queues, and outputs n8n JSON + runbook. It requests no unrelated binaries, installs, or credentials.
Instruction Scope
Runtime instructions are limited to design guidance and producing JSON/runbook. The doc explicitly says 'read-only by default', 'do not include secrets', and instructs the agent to STOP AND ASK when destinations, dedup keys, or credential strategy are unknown. The skill does not instruct the agent to read system files, environment variables, or send data to external endpoints.
Install Mechanism
No install spec or code files are provided (instruction-only), so nothing will be written to disk or executed on install. This is the lowest-risk install posture.
Credentials
The skill declares no required env vars or credentials. It references using env var names/credential references in generated JSON (which is appropriate). It also correctly asks the user for credential strategy before proceeding, avoiding implicit secret access.
Persistence & Privilege
The skill does not request persistent presence (always:false) and does not modify other skills or system settings. Autonomous invocation of skills is allowed by default on the platform but the skill itself does not request elevated privileges.
Assessment
This skill appears coherent and safe as an instruction-only generator for n8n workflows. Before using it: 1) do not paste real secrets into prompts — provide only credential names or placeholders and store actual keys in n8n or your secret store; 2) review generated workflow.json carefully before importing into a live n8n instance (validate endpoints, credential references, and no hard-coded secrets); 3) test outputs in a staging environment and verify idempotency and retry paths; and 4) ensure any human-in-the-loop or failure queues write to systems you control and that appropriate access controls exist. If you plan to let an agent run this skill autonomously, consider restricting what the agent can do with generated files and avoid granting it direct access to production credentials.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97ce4genp94v88tfzst1xyybx7zd8e1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

n8n workflow automation with retries, logging, and review queues

PURPOSE

Designs and outputs n8n workflow JSON with robust triggers, idempotency, error handling, logging, retries, and human-in-the-loop review queues.

WHEN TO USE

  • TRIGGERS:
    • Build an n8n workflow that runs every Monday and emails the compliance summary.
    • Add error handling and retries to this workflow, plus a review queue for failures.
    • Create a webhook workflow that logs every run and writes a status row to a tracker.
    • Make this n8n flow idempotent so it does not duplicate records when it reruns.
    • Instrument this workflow with audit logs and a human approval step.
  • DO NOT USE WHEN…
    • You need code-only automation without n8n (use a scripting/CI skill).
    • You need to bypass security controls or hide audit trails.
    • You need to purchase or recommend prohibited items/services.

INPUTS

  • REQUIRED:
    • Workflow intent: trigger type + schedule/timezone + success criteria.
    • Targets: where to write results (email/Drive/Sheet/DB) and required fields.
  • OPTIONAL:
    • Existing n8n workflow JSON to modify.
    • Sample payloads / example records.
    • Definition of dedup keys (what makes a record unique).
  • EXAMPLES:
    • Cron: Monday 08:00 Europe/London; send summary email + Drive upload
    • Webhook: receive JSON; route to folders

OUTPUTS

  • Default (read-only): a workflow design spec (nodes, data contracts, failure modes).
  • If explicitly requested: workflow.json (n8n importable JSON) + runbook.md (from template). Success = workflow is idempotent, logs every run, retries safely, and routes failures to a review queue.

WORKFLOW

  1. Clarify trigger:
    • Cron/webhook/manual; schedule/timezone; concurrency expectations.
  2. Define data contract:
    • input schema, required fields, and validation rules.
  3. Design idempotency:
    • choose dedup key(s) and storage (DB/Sheet) to prevent duplicates on retries.
  4. Add observability:
    • generate run_id, log start/end, store status row and error details.
  5. Implement error handling:
    • per-node error branches, retry with backoff, and final failure notification.
  6. Add human-in-the-loop (HITL) review queue:
    • write failed items to a queue (Sheet/DB) and require approval to reprocess.
  7. “No silent failure” gates:
    • if counts/thresholds fail, stop workflow and alert.
  8. Output:
    • If asked for JSON: produce importable n8n workflow JSON + runbook.
  9. STOP AND ASK THE USER if:
    • destination systems are unknown,
    • no dedup key exists,
    • credential strategy (env vars) is not specified,
    • the workflow needs privileged access not yet approved.

OUTPUT FORMAT

If outputting n8n workflow JSON, conform to:

{
  "name": "<workflow name>",
  "nodes": [ { "name": "Trigger", "type": "n8n-nodes-base.cron", "parameters": {}, "position": [0,0] } ],
  "connections": {},
  "settings": {},
  "active": false
}

Also output runbook.md using assets/runbook-template.md.

SAFETY & EDGE CASES

  • Read-only by default; only emit workflow JSON when explicitly requested.
  • Do not include secrets in JSON; reference env vars/credential names only.
  • Include audit logging + failure notifications; avoid workflows that can silently drop data.
  • Prefer least privilege: call only required APIs and minimize scopes.

EXAMPLES

  • Input: “Cron every Monday, email compliance summary, retry failures.”
    Output: Node map + workflow.json with Cron → Fetch → Aggregate → Email, plus error branches to review queue.

  • Input: “Webhook that logs runs and writes status row.”
    Output: Webhook → Validate → Process → Append status row; on error → log + notify + queue.

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…