Trust Assessment
n8n-api received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The key finding is Potential Command Injection via unsanitized user input in API calls.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via unsanitized user input in API calls.** The skill documentation provides `curl` command examples that include placeholders such as `{id}` and `{webhook-path}`. If the skill's underlying implementation constructs and executes these shell commands by directly substituting user-provided input into these placeholders without proper validation or sanitization, an attacker could inject arbitrary shell commands. For example, by providing an `{id}` like `123; rm -rf /` or a `{webhook-path}` like `path/to/webhook?param=value%26%26evil_command`, an attacker could execute arbitrary commands on the host system. This pattern is visible in multiple `curl` examples throughout the document. *Recommendation:* Implement robust input validation and sanitization for all user-provided parameters (e.g., `{id}`, `{webhook-path}`) before they are used to construct shell commands or URL paths. Ensure that shell metacharacters and path traversal sequences are properly escaped or rejected. Prefer using dedicated HTTP client libraries in the skill's actual code (e.g., Python's `requests` library) instead of direct shell execution of `curl` to mitigate command injection risks and handle URL encoding correctly. | LLM | SKILL.md:39 |