21 validators ported to pure JS. 66 node types / 245 versions, with displayOptions and defaults preserved. Zero LLM tokens consumed — deterministic ground truth for AI agents that read or generate n8n workflows.
Paste a workflow JSON, click validate. Calls POST /validate directly from your browser.
| Feature | SDK out-of-the-box | n8n-flow-auditor |
|---|---|---|
| Trigger / disconnected detection | ✓ | ✓ |
| Node type schema validation | requires setSchemaBaseDirs() | ✓ built-in (66 types / 245 versions) |
| Sub-node connection validation | requires nodeTypesProvider | ✓ built-in |
| Hardcoded credential detection | ✗ | ✓ Bearer / sk- / xox / AKIA / AIza patterns |
| Filter / IF / Switch shape | ✗ | ✓ FILTER_MISSING_*, SWITCH_WRONG_RULES_KEY |
| Expression syntax (=prefix, $json paths) | ✗ | ✓ MISSING_EXPRESSION_PREFIX, INVALID_EXPRESSION_PATH |
| Date method misuse (.toISOString on Luxon) | ✗ | ✓ |
| Sticky note prompt-injection check | ✗ | ✓ analyze_sticky_notes tool |
| Edge runtime compatible | ✗ isolated-vm needs native build | ✓ pure JS, runs on Workers |
| Backed by 36-workflow regression suite | n/a | ✓ CI fails if match drops <95% |
Catalog covers 66 node types across 245 versions. Benchmarked against 36 real-world workflows with a 35/36 match rate versus the SDK (the delta is a real bug we catch and the SDK misses).
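
The hardcoded credential detection row in the table above names five prefixes (Bearer, sk-, xox, AKIA, AIza). The following is an added example of that kind of check, not n8n-flow-auditor's own code: the regexes are assumptions based on the publicly documented token formats, and the function names, finding codes and sample workflow are constructed for illustration.

```javascript
// Added example, not n8n-flow-auditor's code. The regexes are assumptions built
// from the prefixes the table lists and the publicly documented token formats.
const CREDENTIAL_PATTERNS = [
  { code: 'BEARER_TOKEN', re: /\bBearer\s+[A-Za-z0-9._~+\/-]{16,}=*/ },
  { code: 'SK_API_KEY', re: /\bsk-[A-Za-z0-9_-]{20,}/ },
  { code: 'SLACK_TOKEN', re: /\bxox[abprs]-[A-Za-z0-9-]{10,}/ },
  { code: 'AWS_ACCESS_KEY_ID', re: /\bAKIA[0-9A-Z]{16}\b/ },
  { code: 'GOOGLE_API_KEY', re: /\bAIza[0-9A-Za-z_-]{35}/ },
];

// Recursively visit every string under a node's parameters, tracking its path.
function* walkStrings(value, path) {
  if (typeof value === 'string') {
    yield [path, value];
  } else if (Array.isArray(value)) {
    for (let i = 0; i < value.length; i++) yield* walkStrings(value[i], `${path}[${i}]`);
  } else if (value !== null && typeof value === 'object') {
    for (const [k, v] of Object.entries(value)) yield* walkStrings(v, `${path}.${k}`);
  }
}

function findHardcodedCredentials(workflow) {
  const findings = [];
  for (const node of workflow.nodes ?? []) {
    for (const [path, text] of walkStrings(node.parameters ?? {}, 'parameters')) {
      // Pure expression references such as "={{ $json.token }}" match no pattern.
      for (const { code, re } of CREDENTIAL_PATTERNS) {
        if (re.test(text)) findings.push({ node: node.name, path, code });
      }
    }
  }
  return findings;
}

// Constructed sample workflow; the key values are fake placeholders.
const sampleWorkflow = {
  nodes: [
    { name: 'Call API', type: 'n8n-nodes-base.httpRequest', parameters: {
      headerParameters: { parameters: [
        { name: 'Authorization', value: 'Bearer abcdefghijklmnop0123456789' },
        { name: 'X-Trace', value: '={{ $json.traceId }}' },
      ] } } },
    { name: 'Upload', type: 'n8n-nodes-base.code', parameters: {
      jsCode: 'const key = "AKIAIOSFODNN7EXAMPLE";' } },
  ],
  connections: {},
};

console.log(findHardcodedCredentials(sampleWorkflow));
```

Each finding carries the node name and the parameter path, so the literal can be moved into an n8n credential and the parameter left referencing it.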
Five tools exposed at /mcp. JSON-RPC 2.0 over Streamable HTTP, MCP protocol 2025-06-18.
Run all 21 validators on a workflow JSON. Returns errors and warnings with codes, severities, and parameter paths.
Fetch a workflow from a user-supplied n8n instance and validate. Credentials passed per-call, not stored.
Returns the 66 types in the catalog with their available versions. Lets the LLM know which nodes have schema enforcement.
Returns canonical shape (inputs, outputs, properties with required/displayOptions/defaults) for a type+version.
Heuristic prompt-injection detection in sticky notes. 12 regex patterns, 0 LLM tokens. Returns flags + suspicionScore + recommendation.
Authentication is OAuth 2.1 self-hosted with GitHub as upstream IdP. First connection opens a browser to GitHub for login; subsequent calls use a 30-day token automatically. Per-user rate limit: 60 requests/min.
Open ~/.claude/claude_desktop_config.json
```json
{
  "mcpServers": {
    "n8n-flow-auditor": {
      "url": "https://n8n-auditor.automators.work/mcp"
    }
  }
}
```
Restart Claude Desktop. The first time you invoke a tool, Claude opens GitHub OAuth in your browser. Authorize once and you're done — ask "validate this n8n workflow" and paste the JSON.