n8n-credentials-and-security
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes strong security defaults by mandating the use of n8n's internal, encrypted credential system for all authentication data (API keys, tokens, passwords).
- [SAFE]: It provides explicit instructions for the AI agent to detect and mitigate data exposure, specifically advising users to rotate credentials if they paste them into the chat interface.
- [SAFE]: The skill identifies and provides fixes for common security anti-patterns, such as hardcoding secrets in workflow JSON, header fields, or expression text.
- [SAFE]: Instructions for researching external API documentation and GitHub repositories are provided as benign guidance for workflow development and do not involve the execution of untrusted code.
- [SAFE]: All credentials used in examples and references are clear placeholders (e.g., 'sk-abc123def456') and do not constitute a leak of real secrets.
Audit Metadata