n8n-workflows
by Naveen666555
Overview
A fast, modern documentation system for N8N workflows, providing search, statistics, and visualization capabilities via a RESTful API and a web frontend.
Installation
node src/server.jsEnvironment Variables
- NODE_ENV
- PORT
- HOST
Security Notes
Critical path traversal vulnerability identified in `/api/workflows/:filename` and `/api/workflows/:filename/download` endpoints. The `filename` parameter from `req.params` is used directly in `path.join('workflows', filename)` without proper sanitization (e.g., using `path.basename()`). This allows an attacker to access or download arbitrary files outside the 'workflows' directory (e.g., `/api/workflows/../../package.json/download`). While other security measures like Helmet.js and rate limiting are present, this vulnerability is severe. No 'eval' or obvious obfuscation was found, and SQL queries generally use prepared statements, but the path traversal is a major concern.
Similar Servers
n8n
The MCP (Model Context Protocol) components in n8n enable workflows to interact with external AI agents and tools over a standardized protocol, facilitating communication between n8n and AI models for agent-based automation.
n8n-mcp
Provides an AI-friendly interface for n8n, enabling advanced documentation search, comprehensive workflow validation (including autofixing), template discovery, and workflow management (create, update, test, deploy workflows) to assist AI agents in building and managing n8n automations.
mcp-n8n-builder
Programmatically create, manage, and monitor n8n workflows and their executions via an MCP server, allowing AI assistants to automate workflow development without direct user intervention.
project-nova
Manages digital documents, tags, correspondents, and document types within a Paperless-NGX instance via a containerized MCP server using SSE transport for n8n integration.