Security scan
OpenClaw
Suspicious
High confidence: The skill largely does what it says (n8n webhook <-> agent integration) but has mismatches between its declared requirements and actual code (undeclared environment variables/credentials), and it will send the server's auth token to arbitrary callback URLs — behaviour you should review before installing.
Assessment recommendations
This package does implement an n8n webhook server and agent adapter, but pay attention to these points before installing:
- Manifest vs. reality: The registry declares no required env vars, but the code uses several (N8N_AUTH_TOKEN, WEBHOOK_SECRET, N8N_BASE_URL, N8N_API_KEY, N8N_PORT, N8N_VERBOSE). Treat these as required and supply secure values.
- Token leakage risk: The server will POST results to any callbackUrl provided by a webhook request and it includes the server's auth token in the X-...
⚠ Purpose and capabilities
The code implements the advertised functionality (webhook server, agent adapter, n8n API client, callbacks, observability). However the registry metadata declares no required environment variables or credentials while both SKILL.md and source code rely on multiple env vars (N8N_AUTH_TOKEN, N8N_PORT, N8N_VERBOSE, N8N_BASE_URL, N8N_API_KEY, WEBHOOK_SECRET). That mismatch is incoherent and could mislead users about what secrets this skill needs.
⚠ Instruction scope
SKILL.md instructs running the webhook server and setting N8N_AUTH_TOKEN; the code follows those instructions. But the server will POST callback data to any callbackUrl provided by a request and includes the server's auth token in the X-N8N-Token header. That means untrusted callbackUrl values can receive a credential from the server — a data-exfiltration risk not highlighted in the documentation. The instructions also do not document WEBHOOK_SECRET or N8N_API_KEY even though the code reads them.
ℹ Installation mechanism
There is no formal install spec (instruction-only in registry), but the bundle includes Node.js source and a package-lock.json. Dependencies are from npm (express and transitive packages). No remote arbitrary downloads or non-standard install steps are present. package-lock shows an npm 'crypto' package marked deprecated (the built-in Node crypto should be used) — this is a maintenance/packaging issue but not an immediate remote-download risk.
⚠ Credential requirements
The code expects/uses sensitive environment variables (auth token, API key, webhook secret) and will transmit the auth token as an HTTP header when performing callbacks. Registry metadata lists no required env vars or primary credential, so the manifest understates the privileges and secrets the skill will access and transmit. Request headers and callback behavior increase the sensitivity: if callers control callbackUrl, they can cause the server to send its auth token to arbitrary endpoints.
✓ Persistence and permissions
The skill does not request always:true and does not attempt to change other skills or system-wide agent configuration. It opens an HTTP server (listening port/host) which is expected for a webhook integration; network exposure is normal but should be considered when choosing host/port and running environment.
⚠ src/webhook-server.js:25
Environment variable access combined with network send.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v0.1.1 2026/3/27
- Updated dependencies in package.json.
- No user-facing changes; maintenance release.
● Harmless
Install command
Official: npx clawhub@latest install yuyonghao-n8n-integration
Mirror (accelerated): npx clawhub@latest install yuyonghao-n8n-integration --registry https://cn.clawhub-mirror.com
Data source: ClawHub · Chinese localization: 龙虾技能库