Scans your n8n workflows for exposed credentials, tests OAuth token handling, and validates webhook authentication. You get pattern matching for API keys, JWT tokens, AWS credentials, and other secrets that shouldn't be in workflow JSON or logs. Also checks encryption at rest and tests credential rotation for OAuth flows. The quick reference card breaks down risk levels by area, which is actually helpful when you're triaging. Most useful during security reviews or before moving workflows to production. The pattern library is solid but you'll want to extend it for your specific services.
npx skills add https://github.com/proffesor-for-testing/agentic-qe --skill n8n-security-testing