Trust Assessment
n8n-automation received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include N8N_API_KEY grants full administrative access.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | N8N_API_KEY grants full administrative access The skill's documentation explicitly states that the `N8N_API_KEY` "has full access on non-enterprise plans". This means that the skill, when provided with such a key, will operate with broad administrative privileges over the n8n instance. Any compromise of the skill's execution environment or a vulnerability within the skill itself could lead to unauthorized creation, modification, or deletion of workflows, and access to sensitive data processed by n8n. This represents a significant risk due to the principle of least privilege not being achievable with such a key. Users should be aware of the broad permissions granted by the API key. If possible, use n8n enterprise plans or custom roles to create API keys with the least privilege necessary for the skill's operations. Ensure the environment variables storing the API key are secured and only accessible by authorized processes. | LLM | SKILL.md:100 |
Scan History
Embed Code
[](https://skillshield.io/report/2145103164a9af83)
Powered by SkillShield