n8n-expression-syntax

Validates n8n expression syntax and resolves common errors for efficient workflow automation.

Install this skill

or

13/100

Security score

The n8n-expression-syntax skill was audited on Feb 28, 2026 and we found 23 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 307

Template literal with variable interpolation in command context

SourceSKILL.md

307

```

medium line 3

Webhook reference - potential data exfiltration

SourceSKILL.md

3	description: Validate n8n expression syntax and fix common errors. Use when writing n8n expressions, using {{}} syntax, accessing $json/$node variables, troubleshooting expression errors, or working w

low line 51

Webhook reference - potential data exfiltration

SourceSKILL.md

51	{{$node["Webhook"].json.body.email}}

medium line 81

Webhook reference - potential data exfiltration

SourceSKILL.md

81	## 🚨 CRITICAL: Webhook Data Structure

medium line 83

Webhook reference - potential data exfiltration

SourceSKILL.md

83	Most Common Mistake: Webhook data is NOT at the root!

medium line 85

Webhook reference - potential data exfiltration

SourceSKILL.md

85	### Webhook Node Output Structure

medium line 100

Webhook reference - potential data exfiltration

SourceSKILL.md

100	### Correct Webhook Data Access

medium line 111

Webhook reference - potential data exfiltration

SourceSKILL.md

111	Why: Webhook node wraps incoming data under `.body` property to preserve headers, params, and query parameters.

low line 140

Webhook reference - potential data exfiltration

SourceSKILL.md

140	{{$node["Respond to Webhook"].json.message}}

low line 142

Webhook reference - potential data exfiltration

SourceSKILL.md

142	// Webhook node

low line 143

Webhook reference - potential data exfiltration

SourceSKILL.md

143	{{$node["Webhook"].json.body.email}}

medium line 184

Webhook reference - potential data exfiltration

SourceSKILL.md

184	### ❌ Webhook Paths

low line 188

Webhook reference - potential data exfiltration

SourceSKILL.md

188	path: "{{$json.user_id}}/webhook"

low line 191

Webhook reference - potential data exfiltration

SourceSKILL.md

191	path: "user-webhook" // Static paths only

medium line 262

Webhook reference - potential data exfiltration

SourceSKILL.md

262	\| `{{$json.name}}` (webhook) \| `{{$json.body.name}}` \|

medium line 271

Webhook reference - potential data exfiltration

SourceSKILL.md

271	### Example 1: Webhook to Slack

medium line 273

Webhook reference - potential data exfiltration

SourceSKILL.md

273	Webhook receives:

medium line 473

Webhook reference - potential data exfiltration

SourceSKILL.md

473	- Reference webhook data from `.body`

medium line 482

Webhook reference - potential data exfiltration

SourceSKILL.md

482	- Don't assume webhook data is at root (it's under .body!)

medium line 483

Webhook reference - potential data exfiltration

SourceSKILL.md

483	- Don't use expressions in webhook paths or credentials

medium line 499

Webhook reference - potential data exfiltration

SourceSKILL.md

499	2. Webhook data is under `.body`

medium line 506

Webhook reference - potential data exfiltration

SourceSKILL.md

506	- `{{$json.name}}` in webhooks → Use `{{$json.body.name}}`

low line 153

External URL reference

SourceSKILL.md

153	https://api.example.com/users/{{$json.body.user_id}}

Scanned on Feb 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 508

Rate this skill

Categorymarketing

UpdatedMay 20, 2026

openclaw api growth-marketer product-manager data-analyst n8n marketing product data analytics

Dicklesworthstone/pi_agent_rust