n8n-expression-syntax
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of instructional markdown files providing documentation and examples for n8n expression syntax. No executable scripts or binary files are distributed with the skill content.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill documents how to access node data and environment variables but adheres to security best practices by explicitly advising users to use the native n8n credential system for managing secrets rather than expressions.
- [INDIRECT_PROMPT_INJECTION]: The documentation guides the agent on how to interpolate data from untrusted external sources (such as webhooks or API responses) into workflow expressions. While this identifies a data ingestion surface, it is the primary intended functionality of the tool being documented and does not involve malicious logic.
Audit Metadata