High-risk tools in N8n
8 of the 43 tools in N8n are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
activate_workflowExecuteActivate (publish) a workflow so its triggers start running. Requires write_mode.
-
create_and_validate_workflowExecuteCreate a workflow with automatic double-validation: structural check, two execution
-
execute_workflowExecuteExecute a workflow with optional test data for end-to-end validation. Requires write_mode.
-
retry_executionExecuteRetry a failed execution. Set load_workflow=true to use the latest workflow version.
-
source_control_pullExecutePull changes from the connected Git repository. Requires write_mode and source control configured.
-
stop_executionExecuteStop a running execution. Requires write_mode.
-
stop_many_executionsExecuteStop multiple executions matching filter criteria. Status options: 'queued', 'running', 'waiting'.
-
trigger_webhook_testExecuteTrigger a workflow via its webhook URL with test data. Workflow must be active.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.