Skip to content

The 15 n8n security checks Black Cat runs

Black Cat SSPM evaluates 15 security policies against your n8n configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.

autonomy

mediumn8n Workflow Agent No Error Handling

Add error handling workflow

highn8n Workflow Agent Webhook Trigger

Secure the webhook endpoint

mediumn8n Workflow Agent Schedule Trigger

Add human-in-the-loop to scheduled AI workflow

lown8n Workflow Agent Multi AI Model

Review multiple LLM provider usage

highn8n Workflow Agent High Risk Unblocked

Block or restrict high-risk n8n workflow agents with scores above 70

data access

mediumn8n Workflow Agent Database Access

Review database access scope of the workflow

mediumn8n Workflow Agent File Access

Review file access scope of the workflow

highn8n Workflow Agent Code Execution

Review code and command execution nodes

lifecycle

lown8n Workflow Agent Stale

Review and deactivate or update stale workflows

mediumn8n Workflow Agent Active Never Executed

Investigate active AI workflow that has never run

mediumn8n Workflow Agent Inactive Webhook

Remove or reactivate the inactive webhook workflow

highn8n Workflow Agent Orphaned Owner

Reassign the n8n workflow agent to an active owner

permission

mediumn8n Workflow Agent Excessive Credentials

Reduce the number of credentials used by the workflow

highn8n Workflow Agent Sensitive Credential

Review and restrict access to sensitive credentials

mediumn8n Workflow Agent HTTP Request Node

Review HTTP Request node destinations

See these checks run on your stack

Start a free 14-day trial — no credit card required.

Start Free Trial