by czlonkowski
An MCP for Claude Desktop / Claude Code / Windsurf / Cursor to build n8n workflows for you
# Add to your Claude Code skills
git clone https://github.com/czlonkowski/n8n-mcp
Guides for using mcp servers skills like n8n-mcp.
Last scanned: 4/16/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@aws-sdk/client-bedrock-agent-runtime: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-bedrock-runtime: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-cognito-identity: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-kendra: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-s3: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-sagemaker: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-sso: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-sso-oidc: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/core: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-cognito-identity: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-env: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-http: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-ini: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-login: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-node: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-process: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-sso: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-web-identity: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-providers: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-flexible-checksums: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-sdk-s3: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-user-agent: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/nested-clients: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/signature-v4-multi-region: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/token-providers: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/util-user-agent-node: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@aws-sdk/xml-builder: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@azure/identity: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@getzep/zep-cloud: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@google-cloud/storage: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@grpc/grpc-js: @grpc/grpc-js can allocate memory for incoming messages well above configured limits",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@hono/node-server: @hono/node-server has authorization bypass for protected static paths via encoded slashes in Serve Static Middleware",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@kafkajs/confluent-schema-registry: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@langchain/classic: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@langchain/community: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@langchain/core: LangChain serialization injection vulnerability enables secret extraction",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@langchain/openai: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@langchain/textsplitters: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@n8n/ai-utilities: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@n8n/backend-common: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@n8n/client-oauth2: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@n8n/decorators: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@n8n/expression-runtime: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@n8n/imap: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@n8n/n8n-nodes-langchain: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "@n8n/typeorm: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@n8n/workflow-sdk: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@tootallnate/once: @tootallnate/once vulnerable to Incorrect Control Flow Scoping",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@xmldom/xmldom: xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@zilliz/milvus2-sdk-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "axios: Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "cacache: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "cohere-ai: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "diff: jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch",
"severity": "low"
},
{
"type": "npm-audit",
"message": "expr-eval: expr-eval vulnerable to Prototype Pollution",
"severity": "high"
},
{
"type": "npm-audit",
"message": "express-rate-limit: express-rate-limit: IPv4-mapped IPv6 addresses bypass per-client rate limiting on servers with dual-stack network",
"severity": "high"
},
{
"type": "npm-audit",
"message": "fast-xml-parser: fast-xml-parser has RangeError DoS Numeric Entities Bug",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "file-type: file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"severity": "high"
},
{
"type": "npm-audit",
"message": "follow-redirects: follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "form-data: form-data uses unsafe random function in form-data for choosing boundary",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "glob: glob CLI: Command injection via -c/--cmd executes matches with shell:true",
"severity": "high"
},
{
"type": "npm-audit",
"message": "google-gax: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "handlebars: Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "hono: Hono missing validation of cookie name on write path in setCookie()",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "http-proxy-agent: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "ibm-cloud-sdk-core: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "imap: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "langchain: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "langsmith: LangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header Injection",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "lodash: lodash vulnerable to Code Injection via `_.template` imports key names",
"severity": "high"
},
{
"type": "npm-audit",
"message": "lodash-es: lodash vulnerable to Code Injection via `_.template` imports key names",
"severity": "high"
},
{
"type": "npm-audit",
"message": "mailparser: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "make-fetch-happen: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "mappersmith: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "minimatch: minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"severity": "high"
},
{
"type": "npm-audit",
"message": "mssql: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "n8n-core: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "n8n-nodes-base: Vulnerability found",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "n8n-workflow: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "node-forge: node-forge has ASN.1 Unbounded Recursion",
"severity": "high"
},
{
"type": "npm-audit",
"message": "node-gyp: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "nodemailer: Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "path-to-regexp: path-to-regexp vulnerable to Denial of Service via sequential optional groups",
"severity": "high"
},
{
"type": "npm-audit",
"message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"severity": "high"
},
{
"type": "npm-audit",
"message": "qs: qs's arrayLimit bypass in comma parsing allows denial of service",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "retry-request: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "rollup: Rollup 4 has Arbitrary File Write via Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "semver: semver vulnerable to Regular Expression Denial of Service",
"severity": "high"
},
{
"type": "npm-audit",
"message": "snowflake-sdk: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "sqlite3: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tar: node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tedious: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "teeny-request: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "underscore: Underscore has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack",
"severity": "high"
},
{
"type": "npm-audit",
"message": "undici: Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion",
"severity": "high"
},
{
"type": "npm-audit",
"message": "utf7: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "vite: vite allows server.fs.deny bypass via backslash on Windows",
"severity": "high"
},
{
"type": "npm-audit",
"message": "yaml: yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"severity": "medium"
}
],
"status": "FAILED",
"scannedAt": "2026-04-16T06:06:23.557Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}
A Model Context Protocol (MCP) server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Deploy in minutes to give Claude and other AI assistants deep knowledge about n8n's 1,851 workflow automation nodes (822 core + 1,029 community).
n8n-MCP serves as a bridge between n8n's workflow automation platform and AI models, enabling them to understand and work with n8n nodes effectively. It provides structured access to:
source filter
n8n-mcp started as a personal tool but now helps tens of thousands of developers automate their workflows efficiently. Maintaining and developing this project competes with my paid work. Your sponsorship helps me dedicate focused time to new features, respond quickly to issues, keep documentation up-to-date, and ensure compatibility with latest n8n releases. Become a sponsor
NEVER edit your production workflows directly with AI! Always:
AI results can be unpredictable. Protect your work!
The fastest way to try n8n-MCP - no installation, no configuration:
Just sign up, get your API key, and connect your MCP client.
Want to self-host? See the Self-Hosting Guide for npx, Docker, Railway, and local installation options.
Want to use n8n-MCP with your n8n instance? Check out our comprehensive n8n Deployment Guide for:
n8n-MCP works with multiple AI-powered IDEs and tools:
Supercharge your n8n workflow building with specialized skills that teach AI how to build production-ready workflows!
Learn more: n8n-skills repository
For the best results when using n8n-MCP with Claude Projects, use these enhanced system instructions:
You are an expert in n8n automation software using n8n-MCP tools. Your role is to design, build, and validate n8n workflows with maximum accuracy and efficiency.
## Core Principles
### 1. Silent Execution
CRITICAL: Execute tools without commentary. Only respond AFTER all tools complete.
### 2. Parallel Execution
When operations are independent, execute them in parallel for maximum performance.
### 3. Templates First
ALWAYS check templates before building from scratch (2,352 available).
### 4. Multi-Level Validation
Use validate_node(mode='minimal') → validate_node(mode='full') → validate_workflow pattern.
### 5. Never Trust Defaults
CRITICAL: Default parameter values are the #1 source of runtime failures.
ALWAYS explicitly configure ALL parameters that control node behavior.
## Workflow Process
1. **Start**: Call `tools_documentation()` for best practices
2. **Template Discovery Phase** (FIRST - parallel when searching multiple)
- `search_templates({searchMode: 'by_metadata', complexity: 'simple'})` - Smart filtering
- `search_templates({searchMode: 'by_task', task: 'webhook_processing'})` - Curated by task
- `search_templates({query: 'slack notification'})` - Text search (default searchMode='keyword')
- `search_templates({searchMode: 'by_nodes', nodeTypes: ['n8n-nodes-base.slack']})` - By node type
**Filtering strategies**:
- Beginners: `complexity: "simple"` + `maxSetupMinutes: 30`
- By role: `targetAudience: "marketers"` | `"developers"` | `"analysts"`
- By time: `maxSetupMinutes: 15` for quick wins
- By service: `requiredService: "openai"` for compatibility
3. **Node Discovery** (if no suitable template - parallel execution)
- Think deeply about requirements. Ask clarifying questions if unclear.
- `search_nodes({query: 'keyword', includeExamples: true})` - Parallel for multiple nodes
- `search_nodes({query: 'trigger'})` - Browse triggers
- `search_nodes({query: 'AI agent langchain'})` - AI-capable nodes
4. **Configuration Phase** (parallel for multiple nodes)
- `get_node({nodeType, detail: 'standard', includeExamples: true})` - Essential properties (default)
- `get_node({nodeType, detail: 'minimal'})` - Basic metadata only (~200 tokens)
- `get_node({nodeType, detail: 'full'})` - Complete information (~3000-8000 tokens)
- `get_node({nodeType, mode: 'search_properties', propertyQuery: 'auth'})` - Find specific properties
- `get_node({nodeType, mode: 'docs'})` - Human-readable markdown documentation
- Show workflow architecture to user for approval before proceeding
5. **Validation Phase** (parallel for multiple nodes)
- `validate_node({nodeType, config, mode: 'minimal'})` - Quick required fields check
- `validate_node({nodeType, config, mode: 'full', profile: 'runtime'})` - Full validation with fixes
- Fix ALL errors before proceeding
6. **Building Phase**
- If using template: `get_template(templateId, {mode: "full"})`
- **MANDATORY ATTRIBUTION**: "Based on template by **[author.name]** (@[username]). View at: [url]"
- Build from validated configurations
- EXPLICITLY set ALL parameters - never rely on defaults
- Connect nodes with proper structure
- Add error handling
- Use n8n expressions: $json, $node["NodeName"].json
- Build in artifact (unless deploying to n8n instance)
7. **Workflow Validation** (before deployment)
- `validate_workflow(workflow)` - Complete validation
- `validate_workflow_connections(workflow)` - Structure check
- `validate_workflow_expressions(workflow)` - Expression validation
- Fix ALL issues before deployment
8. **Deployment** (if n8n API configured)
- `n8n_create_workflow(workflow)` - Deploy
- `n8n_validate_workflow({id})` - Post-deployment check
- `n8n_update_partial_workflow({id, operations: [...]})` - Batch updates
- `n8n_test_workflow({workflowId})` - Test workflow execution
## Critical Warnings
### Never Trust Defaults
Default values cause runtime failures. Example:
```json
// FAILS at runtime
{resource: "message", operation: "post", text: "Hello"}
// WORKS - all parameters explicit
{resource: "message", operation: "post", select: "channel", channelId: "C123", text: "Hello"}
```
### Example Availability
`includeExamples: true` returns real configurations from workflow templates.
- Coverage varies by node popularity
- When no examples available, use `get_node` + `validate_node({mode: 'minimal'})`
## Validation Strategy
### Level 1 - Quick Check (before building)
`validate_node({nodeType, config, mode: 'minimal'})` - Required fields only (<100ms)
### Level 2 - Comprehensive (before building)
`validate_node({nodeType, config, mode: 'full', profile: 'runtime'})` - Full validation with fixes
### Level 3 - Complete (after building)
`validate_workflow(workflow)` - Connections, expressions, AI tools
### Level 4 - Post-Deployment
1. `n8n_validate_workflow({id})` - Validate deployed workflow
2. `n8n_autofix_workflow({id})` - Auto-fix common errors
3. `n8n_executions({action: 'list'})` - Monitor