ClawHub

N8n Workflow Automation Litiao

Designs and outputs n8n workflow JSON with robust triggers, idempotency, error handling, logging, retries, and human-in-the-loop review queues. Use when you...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 83 · 1 current installs · 1 all-time installs
by@litiao1224
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name, description, and runtime instructions all focus on designing n8n workflows with idempotency, retries, logging, and review queues — the requested capabilities are appropriate for that purpose. Minor metadata inconsistencies exist: the registry metadata (ownerId and slug) in the submission differs from the _meta.json values inside the package (different ownerId and slug). This mismatch is not a functional security issue by itself but could indicate packaging/ownership sloppiness and is worth checking before trusting the publisher.
Instruction Scope
SKILL.md stays on-topic: it instructs the agent how to design JSON, what triggers/nodes to include, how to handle idempotency and error paths, and when to stop and ask for credentials/destination details. It explicitly warns not to include secrets in the JSON and to ask the user for credential strategy. There are no instructions to read unrelated system files, exfiltrate data, or contact undocumented endpoints.
Install Mechanism
There is no install spec and no code files — this is an instruction-only skill. That minimizes code-on-disk risk; nothing is downloaded or executed by the skill itself.
Credentials
The skill declares no required environment variables or credentials, and the instructions explicitly require asking for credential strategy before embedding references. It recommends referencing env var names rather than embedding secrets, which is proportionate for a workflow-generation tool that integrates with external systems.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges or the ability to modify other skills. Autonomous invocation is allowed by default (platform normal), but the skill's content does not request persistent presence or system-wide configuration changes.
Assessment
This skill appears coherent and low-risk: it only generates n8n workflow JSON and a runbook template and explicitly avoids embedding secrets. Before installing or using it: (1) confirm the publisher/owner (there is a mismatch between registry metadata and the package _meta.json), (2) never paste secrets or credential values into prompts — instead provide only which env var or credential name to reference, (3) review any generated workflow.json for accidental secrets or external endpoints before importing into n8n, (4) test generated workflows in a non-production environment, and (5) ensure you have an approved credential/storage strategy (DB/Sheet/queue) because the skill will reference external systems but will not supply credentials itself.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97ethr3y67x1gnmpfd6yv9vr5833jsq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

n8n workflow automation with retries, logging, and review queues

PURPOSE

Designs and outputs n8n workflow JSON with robust triggers, idempotency, error handling, logging, retries, and human-in-the-loop review queues.

WHEN TO USE

  • TRIGGERS:
    • Build an n8n workflow that runs every Monday and emails the compliance summary.
    • Add error handling and retries to this workflow, plus a review queue for failures.
    • Create a webhook workflow that logs every run and writes a status row to a tracker.
    • Make this n8n flow idempotent so it does not duplicate records when it reruns.
    • Instrument this workflow with audit logs and a human approval step.
  • DO NOT USE WHEN…
    • You need code-only automation without n8n (use a scripting/CI skill).
    • You need to bypass security controls or hide audit trails.
    • You need to purchase or recommend prohibited items/services.

INPUTS

  • REQUIRED:
    • Workflow intent: trigger type + schedule/timezone + success criteria.
    • Targets: where to write results (email/Drive/Sheet/DB) and required fields.
  • OPTIONAL:
    • Existing n8n workflow JSON to modify.
    • Sample payloads / example records.
    • Definition of dedup keys (what makes a record unique).
  • EXAMPLES:
    • Cron: Monday 08:00 Europe/London; send summary email + Drive upload
    • Webhook: receive JSON; route to folders

OUTPUTS

  • Default (read-only): a workflow design spec (nodes, data contracts, failure modes).
  • If explicitly requested: workflow.json (n8n importable JSON) + runbook.md (from template). Success = workflow is idempotent, logs every run, retries safely, and routes failures to a review queue.

WORKFLOW

  1. Clarify trigger:
    • Cron/webhook/manual; schedule/timezone; concurrency expectations.
  2. Define data contract:
    • input schema, required fields, and validation rules.
  3. Design idempotency:
    • choose dedup key(s) and storage (DB/Sheet) to prevent duplicates on retries.
  4. Add observability:
    • generate run_id, log start/end, store status row and error details.
  5. Implement error handling:
    • per-node error branches, retry with backoff, and final failure notification.
  6. Add human-in-the-loop (HITL) review queue:
    • write failed items to a queue (Sheet/DB) and require approval to reprocess.
  7. “No silent failure” gates:
    • if counts/thresholds fail, stop workflow and alert.
  8. Output:
    • If asked for JSON: produce importable n8n workflow JSON + runbook.
  9. STOP AND ASK THE USER if:
    • destination systems are unknown,
    • no dedup key exists,
    • credential strategy (env vars) is not specified,
    • the workflow needs privileged access not yet approved.

OUTPUT FORMAT

If outputting n8n workflow JSON, conform to:

{
  "name": "<workflow name>",
  "nodes": [ { "name": "Trigger", "type": "n8n-nodes-base.cron", "parameters": {}, "position": [0,0] } ],
  "connections": {},
  "settings": {},
  "active": false
}

Also output runbook.md using assets/runbook-template.md.

SAFETY & EDGE CASES

  • Read-only by default; only emit workflow JSON when explicitly requested.
  • Do not include secrets in JSON; reference env vars/credential names only.
  • Include audit logging + failure notifications; avoid workflows that can silently drop data.
  • Prefer least privilege: call only required APIs and minimize scopes.

EXAMPLES

  • Input: “Cron every Monday, email compliance summary, retry failures.”
    Output: Node map + workflow.json with Cron → Fetch → Aggregate → Email, plus error branches to review queue.

  • Input: “Webhook that logs runs and writes status row.”
    Output: Webhook → Validate → Process → Append status row; on error → log + notify + queue.

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…