This skill implements enterprise-grade security protections:
CRITICAL SECURITY REQUIREMENTS:
# NEVER store these in openclaw.json or any config file
export N8N_URL="https://your-n8n-instance.com"
export N8N_API_KEY="your-api-key"
cd skills/n8n-automation-secure
./scripts/validate-setup.sh
# Add to ~/.bashrc or /etc/environment
export N8N_URL=""
export N8N_API_KEY=""
# Reload shell
source ~/.bashrc
cd /data/.openclaw/workspace/skills/n8n-automation-secure
./scripts/validate-setup.sh
This will:
curl -X GET "$N8N_URL/api/v1/workflows" \
-H "X-N8N-API-KEY: $N8N_API_KEY" \
-H "Content-Type: application/json"
❌ NEVER do this:
{
"env": {
"N8N_URL": "https://n8n.example.com", // ❌ INSECURE
"N8N_API_KEY": "secret-key-here" // ❌ CRITICAL SECURITY ISSUE
}
}
✅ CORRECT approach:
# Set at system level, never in files
export N8N_URL="https://your-n8n.com"
export N8N_API_KEY="your-key"
The skill operates in three permission modes:
| Mode | Read | Execute | Create | Update | Delete | Risk Level |
|---|---|---|---|---|---|---|
| ------- | ------ | ---------- | --------- | --------- | -------- | ------------- |
readonly | ✅ | ✅ | ❌ | ❌ | ❌ | 🟢 LOW |
restricted | ✅ | ✅ | ✅* | ✅* | ❌ | 🟡 MEDIUM |
full | ✅ | ✅ | ✅ | ✅ | ✅* | 🔴 HIGH |
Default mode: readonly
To change mode:
export N8N_PERMISSION_MODE="full" # DANGEROUS - only for trusted environments
All actions are logged to:
/data/.openclaw/logs/n8n-audit.log
Log format:
{
"timestamp": "2024-01-15T10:30:45.123Z",
"user": "nelson",
"action": "WORKFLOW_EXECUTE",
"workflowId": "abc123",
"workflowName": "CI Build",
"status": "success",
"ip": "127.0.0.1",
"userAgent": "curl/7.68.0",
"durationMs": 234
}
Review audit logs:
tail -f /data/.openclaw/logs/n8n-audit.log
Default limits (configurable):
| Operation | Limit | Window |
|---|---|---|
| ----------- | ------- | --------- |
| API requests | 10 | per minute |
| Workflow executions | 5 | per minute |
| Bulk operations | 1 | per 5 minutes |
Customize limits:
export N8N_RATE_LIMIT="15/minute"
export N8N_EXECUTION_LIMIT="10/minute"
curl -X GET "$N8N_URL/api/v1/workflows" \
-H "X-N8N-API-KEY: $N8N_API_KEY" \
-H "Content-Type: application/json"
curl -X GET "$N8N_URL/api/v1/workflows/{id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY" \
-H "Content-Type: application/json"
curl -X GET "$N8N_URL/api/v1/executions/{id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY"
curl -X GET "$N8N_URL/api/v1/workflows/{id}/executions?limit=10" \
-H "X-N8N-API-KEY: $N8N_API_KEY"
Confirmation required: The skill will ask for approval before execution.
# Step 1: Review workflow
curl -X GET "$N8N_URL/api/v1/workflows/{id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY"
# Step 2: Execute (with confirmation)
curl -X POST "$N8N_URL/api/v1/workflows/{id}/executions" \
-H "X-N8N-API-KEY: $N8N_API_KEY" \
-H "Content-Type: application/json" \
-d '{"data": {"contextData": {}, "manualExecution": true}}'
curl -X POST "https://your-n8n.com/webhook/{webhook-key}" \
-H "Content-Type: application/json" \
-d '{"data": {"input1": "value1"}}'
⚠️ These operations require TWO confirmations:
# Step 1: Show what will be cloned
curl -X GET "$N8N_URL/api/v1/workflows/{source-id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY"
# Step 2: Execute with confirmation
curl -X POST "$N8N_URL/api/v1/workflows/{source-id}/clone" \
-H "X-N8N-API-KEY: $N8N_API_KEY" \
-H "Content-Type: application/json" \
-d '{"name": "Cloned Workflow"}'
# Step 1: Show current state
curl -X GET "$N8N_URL/api/v1/workflows/{id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY"
# Step 2: Show diff
# (Display what will change)
# Step 3: Execute with confirmation
curl -X PATCH "$N8N_URL/api/v1/workflows/{id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY" \
-H "Content-Type: application/json" \
-d '{"nodes": [{"parameters": {...}}]}'
# Step 1: Show workflow details
curl -X GET "$N8N_URL/api/v1/workflows/{id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY"
# Step 2: Type confirmation
# DELETE: Workflow Name - Type "I confirm deletion" to proceed
# Step 3: Execute
curl -X DELETE "$N8N_URL/api/v1/workflows/{id}" \
-H "X-N8N-API-KEY: $N8N_API_KEY"
All inputs are validated before API calls:
function validateN8NUrl(url) {
// Must be HTTPS
if (!url.match(/^https:\/\/[a-z0-9.-]+(\.[a-z0-9.-]+)+$/i)) {
throw new Error('Invalid N8N URL. Must be HTTPS and properly formatted.');
}
// No credentials in URL
if (url.includes('@') || url.includes(':')) {
throw new Error('URL must not contain credentials');
}
// No query parameters with secrets
if (url.match(/\b(key|token|secret|password)\b/i)) {
throw new Error('URL must not contain secret keywords');
}
return url;
}
function sanitizeData(data) {
// Remove sensitive keys
const sensitive = ['password', 'apiKey', 'secret', 'token', 'credential'];
const sanitized = JSON.parse(JSON.stringify(data));
function clean(obj) {
for (const key in obj) {
if (sensitive.some(s => key.toLowerCase().includes(s))) {
obj[key] = '***REDACTED***';
} else if (typeof obj[key] === 'object') {
clean(obj[key]);
}
}
}
clean(sanitized);
return sanitized;
}
# .github/workflows/n8n-trigger.yml
name: Trigger N8N Workflow
on:
push:
branches: [main]
jobs:
trigger-n8n:
runs-on: ubuntu-latest
steps:
- name: Trigger N8N workflow
env:
N8N_URL: ${{ secrets.N8N_URL }}
N8N_API_KEY: ${{ secrets.N8N_API_KEY }}
run: |
curl -X POST "$N8N_URL/api/v1/workflows/${{ secrets.N8N_WORKFLOW_ID }}/executions" \
-H "X-N8N-API-KEY: $N8N_API_KEY" \
-H "Content-Type: application/json" \
-d '{"data": {"contextData": {"commitSha": "${{ github.sha }}"}}}'
#!/usr/bin/env python3
import os
import requests
N8N_URL = os.environ.get('N8N_URL')
N8N_API_KEY = os.environ.get('N8N_API_KEY')
def execute_workflow(workflow_id, data):
"""Execute n8n workflow with input validation"""
# Validate inputs
if not N8N_URL or not N8N_API_KEY:
raise ValueError('N8N_URL and N8N_API_KEY environment variables are required')
if not N8N_URL.startswith('https://'):
raise ValueError('N8N_URL must use HTTPS')
# Sanitize data
sanitized_data = sanitize(data)
# Execute
response = requests.post(
f'{N8N_URL}/api/v1/workflows/{workflow_id}/executions',
headers={
'X-N8N-API-KEY': N8N_API_KEY,
'Content-Type': 'application/json'
},
json={'data': {'contextData': sanitized_data}}
)
response.raise_for_status()
return response.json()
def sanitize(data):
"""Remove sensitive data"""
sensitive_keys = ['password', 'apiKey', 'secret', 'token']
# ... sanitization logic
return data
✅ DO:
# Set at system level
export N8N_URL="https://your-n8n.com"
export N8N_API_KEY="your-key"
# Or in script execution
N8N_URL="https://your-n8n.com" N8N_API_KEY="your-key" ./script.sh
❌ DON'T:
# Never in config files
export N8N_URL="..." # Saved in ~/.bashrc (risk if compromised)
For dangerous operations:
# Review recent activity
tail -100 /data/.openclaw/logs/n8n-audit.log
# Check for suspicious patterns
grep -i "delete\|remove\|dangerous" /data/.openclaw/logs/n8n-audit.log
# Monitor for errors
grep "error\|failed\|unauthorized" /data/.openclaw/logs/n8n-audit.log
ERROR: N8N_URL and N8N_API_KEY environment variables are required
Solution:
export N8N_URL="https://your-n8n.com"
export N8N_API_KEY="your-api-key"
ERROR: Invalid N8N URL. Must be HTTPS and properly formatted.
Solution:
https://ERROR: Rate limit exceeded. Wait before retrying.
Solution:
ERROR: Operation not permitted in current permission mode.
Solution:
echo $N8N_PERMISSION_MODEexport N8N_PERMISSION_MODE="restricted"Before using this skill in production, verify:
{
"agents": {
"n8n-automation": {
"id": "n8n-automation",
"name": "n8n Automation (Secure)",
"skills": ["n8n-automation-secure"],
"sandbox": "require",
"tools": {
"denylist": ["exec", "eval", "shell"]
},
"maxConcurrent": 1
}
}
}
# Add skill to main agent
openclaw agent add-skill main n8n-automation-secure
# Or create dedicated agent
openclaw agent create n8n-automation \
--skills n8n-automation-secure \
--sandbox require \
--max-concurrent 1
references/security.md - Complete security guidescripts/validate-setup.sh - Setup verificationscripts/audit-logger.sh - Log managementMIT License - See LICENSE.md for details
Security is the top priority. All contributions must:
references/ directory⚠️ IMPORTANT: This skill prioritizes security over convenience. Read-only operations work immediately. Dangerous operations require explicit confirmation and appropriate permission levels.
共 1 个版本
暂无安全检测报告