ClawHub

n8n workflow automation

v1.0.0

Designs and outputs n8n workflow JSON with robust triggers, idempotency, error handling, logging, retries, and human-in-the-loop review queues. Use when you need an auditable automation that won’t silently fail.

117· 25.9k·264 current·276 all-time
by@kowl64
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (create auditable n8n workflows) matches the contents: SKILL.md describes workflow design steps, idempotency, logging, review queues, and outputs n8n JSON + runbook. It requests no unrelated binaries, installs, or credentials.
Instruction Scope
Runtime instructions are limited to design guidance and producing JSON/runbook. The doc explicitly says 'read-only by default', 'do not include secrets', and instructs the agent to STOP AND ASK when destinations, dedup keys, or credential strategy are unknown. The skill does not instruct the agent to read system files, environment variables, or send data to external endpoints.
Install Mechanism
No install spec or code files are provided (instruction-only), so nothing will be written to disk or executed on install. This is the lowest-risk install posture.
Credentials
The skill declares no required env vars or credentials. It references using env var names/credential references in generated JSON (which is appropriate). It also correctly asks the user for credential strategy before proceeding, avoiding implicit secret access.
Persistence & Privilege
The skill does not request persistent presence (always:false) and does not modify other skills or system settings. Autonomous invocation of skills is allowed by default on the platform but the skill itself does not request elevated privileges.
Assessment
This skill appears coherent and safe as an instruction-only generator for n8n workflows. Before using it: 1) do not paste real secrets into prompts — provide only credential names or placeholders and store actual keys in n8n or your secret store; 2) review generated workflow.json carefully before importing into a live n8n instance (validate endpoints, credential references, and no hard-coded secrets); 3) test outputs in a staging environment and verify idempotency and retry paths; and 4) ensure any human-in-the-loop or failure queues write to systems you control and that appropriate access controls exist. If you plan to let an agent run this skill autonomously, consider restricting what the agent can do with generated files and avoid granting it direct access to production credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ce4genp94v88tfzst1xyybx7zd8e1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments