The Agent Skills Directory

[PROMPT_INJECTION]: The skill contains high-priority steering instructions that direct the agent to always consult specific guides before calling n8n-mcp tools. These instructions are designed to prevent formatting errors and are aligned with the skill's intended purpose.
[PROMPT_INJECTION]: Potential for Indirect Prompt Injection.
Ingestion points: The agent ingests external workflow data and user-provided descriptions via tools such as n8n_get_workflow, n8n_audit_instance, and n8n_generate_workflow.
Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when the agent is processing workflow JSON that could contain malicious comments or metadata.
Capability inventory: The agent has extensive write and execution capabilities via n8n_create_workflow, n8n_update_partial_workflow, and n8n_deploy_template, allowing it to modify code nodes and connections.
Sanitization: While the n8n_audit_instance tool provides automated secret detection and masking, it does not explicitly handle potential injection patterns embedded within workflow data.
[DATA_EXFILTRATION]: The skill provides tools for managing credentials and auditing security. The documentation explicitly states that secret data is stripped from tool responses and masked in reports, which is a significant security feature that prevents accidental data exposure.

n8n-mcp-tools-expert