n8n

The OpenClaw AgentSkills skill bundle for n8n workflow management is classified as benign. The Python scripts (`n8n_api.py`, `n8n_tester.py`, `n8n_optimizer.py`) correctly handle API keys and base URLs via environment variables and use the `requests` library for legitimate API interactions. File operations are limited to reading workflow definitions or test data from specified paths, which is part of the stated functionality. The `SKILL.md` and `README.md` files contain comprehensive instructions for the AI agent on how to use the skill and create n8n workflows, but lack any evidence of prompt injection attempts designed to subvert the agent's core directives or exfiltrate data. There is no code for data exfiltration, persistence, or unauthorized remote control. The potential for a user to create a malicious n8n workflow using this skill is a risk of the n8n platform itself, not an inherent malicious design of this skill bundle.