Skip to main content

n8n Workflow Mastery — Complete Automation Engineering System

Expertly designs and optimizes n8n workflows for automation, ensuring efficiency and scalability in business processes.

Install this skill

or
22/100

Security score

The n8n Workflow Mastery — Complete Automation Engineering System skill was audited on Mar 3, 2026 and we found 38 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 229

Template literal with variable interpolation in command context

SourceSKILL.md
229fullName: `${data.first_name} ${data.last_name}`.trim(),
medium line 280

Template literal with variable interpolation in command context

SourceSKILL.md
280url: `${baseUrl}/items?page=${page}&per_page=100`,
medium line 281

Template literal with variable interpolation in command context

SourceSKILL.md
281headers: { 'Authorization': `Bearer ${$env.API_TOKEN}` },
medium line 417

Template literal with variable interpolation in command context

SourceSKILL.md
417retry_url: `${$env.N8N_BASE_URL}/workflow/${error.workflow?.id}/executions/${error.execution?.id}`,
medium line 604

Template literal with variable interpolation in command context

SourceSKILL.md
604const fullName = `${data.firstName || ''} ${data.lastName || ''}`.trim();
medium line 1193

Template literal with variable interpolation in command context

SourceSKILL.md
1193```yaml
low line 40

Webhook reference - potential data exfiltration

SourceSKILL.md
40trigger: "What starts this workflow? (webhook/schedule/event/manual)"
medium line 113

Webhook reference - potential data exfiltration

SourceSKILL.md
113| External system sends data | Webhook | Webhook | API integrations, form submissions |
medium line 120

Webhook reference - potential data exfiltration

SourceSKILL.md
120| Database change | Polling/Webhook | Various | CDC (Change Data Capture) |
medium line 122

Webhook reference - potential data exfiltration

SourceSKILL.md
122### 3.2 Webhook Security Checklist
low line 125

Webhook reference - potential data exfiltration

SourceSKILL.md
125webhook_security:
low line 132

Webhook reference - potential data exfiltration

SourceSKILL.md
132use_when: "Stripe, GitHub, Shopify webhooks"
low line 143

Webhook reference - potential data exfiltration

SourceSKILL.md
143- "Log all webhook calls for audit trail"
low line 144

Webhook reference - potential data exfiltration

SourceSKILL.md
144- "Set webhook timeout (don't leave connections hanging)"
low line 145

Webhook reference - potential data exfiltration

SourceSKILL.md
145- "Use 'Respond to Webhook' node for async processing"
low line 512

Webhook reference - potential data exfiltration

SourceSKILL.md
512trigger: "Webhook from CRM (new/updated contact)"
low line 555

Webhook reference - potential data exfiltration

SourceSKILL.md
555trigger: "Form/webhook (new request)"
low line 559

Webhook reference - potential data exfiltration

SourceSKILL.md
5593: "Wait for webhook callback (button click)"
low line 570

Webhook reference - potential data exfiltration

SourceSKILL.md
570trigger: "Webhook or schedule"
low line 774

Webhook reference - potential data exfiltration

SourceSKILL.md
774- "Put API keys in webhook URLs"
medium line 780

Webhook reference - potential data exfiltration

SourceSKILL.md
780### 9.2 Webhook Security Implementation
low line 787

Webhook reference - potential data exfiltration

SourceSKILL.md
787const secret = $env.WEBHOOK_SECRET;
low line 796

Webhook reference - potential data exfiltration

SourceSKILL.md
796// Return 401 via Respond to Webhook node
low line 1064

Webhook reference - potential data exfiltration

SourceSKILL.md
1064trigger: Webhook (form submission)
low line 1066

Webhook reference - potential data exfiltration

SourceSKILL.md
10661_webhook:
low line 1067

Webhook reference - potential data exfiltration

SourceSKILL.md
1067type: Webhook
low line 1070

Webhook reference - potential data exfiltration

SourceSKILL.md
1070response: "Respond to Webhook (immediate 200)"
low line 1143

Webhook reference - potential data exfiltration

SourceSKILL.md
1143trigger: Webhook (helpdesk new ticket)
low line 1145

Webhook reference - potential data exfiltration

SourceSKILL.md
11451_webhook:
low line 1146

Webhook reference - potential data exfiltration

SourceSKILL.md
1146type: Webhook
low line 1195

Webhook reference - potential data exfiltration

SourceSKILL.md
1195trigger: Webhook (Stripe payment_intent.succeeded)
low line 1197

Webhook reference - potential data exfiltration

SourceSKILL.md
11971_webhook:
low line 1198

Webhook reference - potential data exfiltration

SourceSKILL.md
1198type: Webhook
low line 1251

Webhook reference - potential data exfiltration

SourceSKILL.md
1251pattern: "Workflows trigger other workflows via internal webhooks"
low line 1256

Webhook reference - potential data exfiltration

SourceSKILL.md
1256→ HTTP Request to internal webhook: /event/order-created
low line 1294

Webhook reference - potential data exfiltration

SourceSKILL.md
1294use_case: "1000 webhook events/minute, API limit 10/minute"
low line 1297

Webhook reference - potential data exfiltration

SourceSKILL.md
12971: "Webhook receives event"
low line 1361

Webhook reference - potential data exfiltration

SourceSKILL.md
1361webhook_scaling: "Separate webhook processor from main"
Scanned on Mar 3, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categorymarketing
UpdatedApril 4, 2026
openclawapigrowth-marketerproduct-managerbusiness-developmentmarketing-analystoperations-managern8nmarketingproductsalesoperations
openclaw/skills