The 15 n8n security checks Black Cat runs
Black Cat SSPM evaluates 15 security policies against your n8n configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.
autonomy
Add error handling workflow
Secure the webhook endpoint
Add human-in-the-loop to scheduled AI workflow
Review multiple LLM provider usage
Block or restrict high-risk n8n workflow agents with scores above 70
data access
Review database access scope of the workflow
Review file access scope of the workflow
Review code and command execution nodes
lifecycle
Review and deactivate or update stale workflows
Investigate active AI workflow that has never run
Remove or reactivate the inactive webhook workflow
Reassign the n8n workflow agent to an active owner
permission
Reduce the number of credentials used by the workflow
Review and restrict access to sensitive credentials
Review HTTP Request node destinations