Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

N8n Integration

v0.1.1

Implements bidirectional integration between n8n and the OpenClaw Agent, supporting webhook-triggered execution, result callbacks, authentication verification, and observability.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The code implements the advertised functionality (webhook server, agent adapter, n8n API client, callbacks, observability). However the registry metadata declares no required environment variables or credentials while both SKILL.md and source code rely on multiple env vars (N8N_AUTH_TOKEN, N8N_PORT, N8N_VERBOSE, N8N_BASE_URL, N8N_API_KEY, WEBHOOK_SECRET). That mismatch is incoherent and could mislead users about what secrets this skill needs.
Instruction Scope
SKILL.md instructs running the webhook server and setting N8N_AUTH_TOKEN; the code follows those instructions. But the server will POST callback data to any callbackUrl provided by a request and includes the server's auth token in the X-N8N-Token header. That means untrusted callbackUrl values can receive a credential from the server — a data-exfiltration risk not highlighted in the documentation. The instructions also do not document WEBHOOK_SECRET or N8N_API_KEY even though the code reads them.
Install Mechanism
There is no formal install spec (instruction-only in registry), but the bundle includes Node.js source and a package-lock.json. Dependencies are from npm (express and transitive packages). No remote arbitrary downloads or non-standard install steps are present. package-lock shows an npm 'crypto' package marked deprecated (the built-in Node crypto should be used) — this is a maintenance/packaging issue but not an immediate remote-download risk.
Credentials
The code expects/uses sensitive environment variables (auth token, API key, webhook secret) and will transmit the auth token as an HTTP header when performing callbacks. Registry metadata lists no required env vars or primary credential, so the manifest understates the privileges and secrets the skill will access and transmit. Request headers and callback behavior increase the sensitivity: if callers control callbackUrl, they can cause the server to send its auth token to arbitrary endpoints.
Persistence & Privilege
The skill does not request always:true and does not attempt to change other skills or system-wide agent configuration. It opens an HTTP server (listening port/host) which is expected for a webhook integration; network exposure is normal but should be considered when choosing host/port and running environment.
What to consider before installing
This package does implement an n8n webhook server and agent adapter, but pay attention to these points before installing:
- Manifest vs. reality: The registry declares no required env vars, but the code uses several (N8N_AUTH_TOKEN, WEBHOOK_SECRET, N8N_BASE_URL, N8N_API_KEY, N8N_PORT, N8N_VERBOSE). Treat these as required and supply secure values.
- Token leakage risk: The server will POST results to any callbackUrl provided by a webhook request and includes the server's auth token in the X-N8N-Token header. Do not allow untrusted parties to control callbackUrl, or modify the code so that it does not send your auth token to external endpoints.
- Verify secrets: Use strong values for N8N_AUTH_TOKEN/WEBHOOK_SECRET and rotate them periodically. In production, run behind HTTPS and firewall rules; avoid binding to 0.0.0.0 on public hosts unless intended.
- Review and harden code: Consider removing or replacing the deprecated npm 'crypto' package (use Node's built-in crypto), validate callback URLs against an allowlist, and avoid sending internal auth headers to external callback endpoints.
- Run in isolation: Start the server in a controlled environment (test VM or container) and review its network traffic (e.g. with a web proxy) before deploying to production.
Given the credential handling and manifest inconsistencies, treat this skill as suspicious until the above issues are addressed or clarified by the author.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- src/webhook-server.js:25 — Environment variable access combined with network send.


Version: latest (vk9790yectkp703g7j1qn4cq6kn83z5vd)
