n8n-skills

Fail

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [CREDENTIALS_UNSAFE]: A hardcoded API key was discovered within a workflow template configuration. Hardcoding secrets in shared assets is a significant security risk, as it exposes the account to unauthorized usage.
      • Evidence: Found in resources/templates/ai-chatbots/4600--ai-content-generation-for-auto-service-automate-your-social.md inside the 'Freepik API' node configuration (x-freepik-api-key header set to FPSX38a53a81a693e71a0e9437a657de6342).
  • [PROMPT_INJECTION]: Several included templates (e.g., 4557, 4722, 4827, 5449, 8237) are vulnerable to indirect prompt injection due to their design for processing external, untrusted content.
      • Ingestion points: These workflows pull data directly from incoming Gmail messages, WhatsApp messages, or external web scraping tasks.
      • Boundary markers: The ingested data is interpolated into AI prompts without robust delimiters or instructions to ignore embedded instructions, allowing potential attackers to influence agent behavior through malicious data.
      • Capability inventory: The vulnerable workflows have access to sensitive tools, including Gmail label management, WhatsApp messaging (via community nodes), and database/spreadsheet updates.
      • Sanitization: There is no evidence of automated filtering or sanitization of input data before it is passed to the LLM nodes.
  • [EXTERNAL_DOWNLOADS]: Numerous workflow templates reference and interact with external APIs and services as part of their core functionality.
      • Templates fetch data from well-known platforms including TikTok, Google Trends, Cloudinary, and various AI providers (OpenAI, Perplexity, ElevenLabs).
      • These references are documented as standard functional requirements for the provided automation use cases.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 22, 2026, 05:29 AM