kipn.ai
Shared workflow report

The Git Log "Humanizer"

Analyzed

Executive Summary
n8n
Production RiskHigh

Fragile expression — likely to fail when production data shape differs from test data — These expressions work reliably against test data where all fields are present. In production, fields may be absent, null, or differently typed — causing a runtime error or silent null propagation at the point of the expression.

Cost ExposureHigh

AI agent has no iteration limit — In production, agents can enter loops — repeatedly calling a tool that returns ambiguous results. Without an iteration cap, a single execution can generate hundreds of tool calls, causing unpredictable cost spikes and potentially triggering rate limits on connected APIs.

Observability Gap

Side-effect node has no audit trail — If this action is disputed, replayed, or causes a data inconsistency, there is no structured record of what was sent, when, and with what data. Debugging requires cross-referencing n8n execution history with the external system's own logs.

72/ 100
Overall
Risk: HighCost: High
Reliability
30
Security
100
Cost Risk
92
Observability
84
AI Governance
100
Naming
100
Complexity
100
Nodes
15
Edges
10
External calls
5
LLM nodes
2
AI via HTTP
0
Loops
0
Error handlers
0
Unreachable
0
Max depth
5
Workflow Graph
Graph
15 nodes · 10 edges
100%
click a node to highlight its upstream & downstream paths
Controls Matrix
Present Partial Missing
CheckDescriptionStatus
Failure Alerting

Failures silent — only visible in execution log

Missing
Retry on Failure

Transient failures cause permanent stops

Present
Request Timeouts

Slow providers can block execution indefinitely

1 / 4 external nodes have timeout

Partial
Duplicate Prevention

Retry on write events creates duplicate records

Missing
Empty Response Handling

Zero-result lookups break downstream logic

Present
AI Output Limits

Output cost and parsing risk unbounded

Present
AI Output Format

Free-form output will break downstream parsers

Present
Activity Logging

Side effects unlogged

Missing
Write Deduplication

Webhook replays may create duplicate records

Present

Run this analysis on your own workflows

Break Points
1Fragile expressionRisk HighConfidence 85%1 node affected
Affected Nodes:
  • Send to Discord
What happens:

These expressions work reliably against test data where all fields are present. In production, fields may be absent, null, or differently typed — causing a runtime error or silent null propagation at the point of the expression.

Recommended Fix:
  • In `content`, change {{ $('Preparing CHANGELOG.md').item.json.markdown }} to {{ $('Preparing CHANGELOG?.md')?.item?.json?.markdown }}.

2Fragile expressionRisk HighConfidence 85%1 node affected
Affected Nodes:
  • Send to Gmail
What happens:

These expressions work reliably against test data where all fields are present. In production, fields may be absent, null, or differently typed — causing a runtime error or silent null propagation at the point of the expression.

Recommended Fix:
  • In `message`, change {{ $('Preparing CHANGELOG.md').item.json.markdown }} to {{ $('Preparing CHANGELOG?.md')?.item?.json?.markdown }}.

3Missing timeoutRisk MediumConfidence 90%3 nodes affected
Affected Nodes:
  • GitHub Assistant
  • llama-3.1-8b
  • Send to Gmail
What happens:

A single slow external call can block the entire workflow execution. At high trigger frequency, accumulated stuck executions can exhaust the n8n execution queue.

Recommended Fix:

Set a timeout under the node's Additional Options. A value of 10,000–30,000 ms (10–30 seconds) is a reasonable starting point for most APIs; adjust based on the provider's documented SLA.


4Missing error handlerRisk MediumConfidence 85%8 nodes affected
Affected Nodes:
  • Organize Data
  • GitHub Assistant
  • llama-3.1-8b
What happens:

Operators cannot tell from external signals that a run failed. Silent failures go undetected until a downstream system shows missing data or a user reports a problem.

Recommended Fix:

Connect a dedicated Error Workflow in workflow settings, or add a per-node onError: "continueErrorOutput" path that sends an alert via Slack, email, or a logging service.


5Missing audit logRisk MediumConfidence 70%2 nodes affected
Affected Nodes:
  • Send to Discord
  • Send to Gmail
What happens:

If this action is disputed, replayed, or causes a data inconsistency, there is no structured record of what was sent, when, and with what data. Debugging requires cross-referencing n8n execution history with the external system's own logs.

Recommended Fix:

After the write node, add a step that records the key fields of the action to a log — a Google Sheet row append, a database insert to an audit table, or a Slack message to a dedicated ops channel. Include: timestamp, action type, affected ID, and result.


6Agent without iteration limitRisk LowConfidence 85%1 node affected
Affected Nodes:
  • GitHub Assistant
What happens:

In production, agents can enter loops — repeatedly calling a tool that returns ambiguous results. Without an iteration cap, a single execution can generate hundreds of tool calls, causing unpredictable cost spikes and potentially triggering rate limits on connected APIs.

Recommended Fix:

Set maxIterations to 10–20 for most agentic tasks. Monitor actual iteration counts in execution history and adjust up if legitimate tasks are being cut short.


7Fragile expressionRisk LowConfidence 75%1 node affected
Affected Nodes:
  • GitHub Assistant
What happens:

These expressions work reliably against test data where all fields are present. In production, fields may be absent, null, or differently typed — causing a runtime error or silent null propagation at the point of the expression.

Recommended Fix:
  • In `text`, change {{ "Process these raw commits into the required tool format:\n" + JSON.stringify($json.commits) }} to {{ "Process these raw commits into the required tool format:\n" + JSON.stringify($json?.commits) }}.
Cost Hotspots

Currently covers AI/LLM nodes. Non-AI API costs will be added in a future update.

1Agent iteration riskLow exposure10 pts1 node affected
Affected Nodes:
  • GitHub Assistant
What happens:

no max iterations set

Recommended Fix:

Set maxIterations to 10–20 for most agentic tasks. Monitor actual iteration counts in execution history and adjust up if legitimate tasks are being cut short.

Raw Findings (10)
#Issue titleIssue descriptionAffected nodes
1ReliabilityExternal call with no timeout configured

Node "GitHub Assistant" makes an external call with no timeout parameter set. The n8n execution will wait indefinitely if the provider is slow or unresponsive.

GitHub Assistant, llama-3.1-8b, Send to GmailHigh90%
2ReliabilityFragile expression — likely to fail when production data shape differs from test data

Node "Send to Discord" contains expression(s) with risky patterns that assume fields are always present.

Send to DiscordHigh85%
3ReliabilityFragile expression — likely to fail when production data shape differs from test data

Node "Send to Gmail" contains expression(s) with risky patterns that assume fields are always present.

Send to GmailHigh85%
4ReliabilityNo error handler or failure notification path

Workflow has 8 high-risk nodes (external calls or writes) with no configured error workflow and no inline notification path. If a production execution fails, the failure only appears in execution history.

Organize Data, GitHub Assistant, llama-3.1-8b, Output Parser, Putting Data in Table, Preparing CHANGELOG.md, Send to Discord, Send to GmailHigh85%
5Cost RiskAI agent has no iteration limit

Agent node "GitHub Assistant" has no maxIterations or equivalent parameter. The agent will continue calling tools until it decides to stop or hits a platform-level limit.

GitHub AssistantMedium85%
6ReliabilityFragile expression — likely to fail when production data shape differs from test data

Node "GitHub Assistant" contains expression(s) with risky patterns that assume fields are always present.

GitHub AssistantMedium75%
7ObservabilitySide-effect node has no audit trail

Node "Send to Discord" performs a write node: "send to discord" (sideeffect: external_write) operation with no logging or audit trail detected downstream.

Send to DiscordMedium70%
8ObservabilitySide-effect node has no audit trail

Node "Send to Gmail" performs a write node: "send to gmail" (sideeffect: external_write) operation with no logging or audit trail detected downstream.

Send to GmailMedium70%
9ReliabilityFinding: external without retry

Node "GitHub Assistant" (@n8n/n8n-nodes-langchain.agent) is a read-only external call with no retry configured.. sideEffect: read_only, role: ai_agent. Read-only calls are typically safe to retry; enabling retryOnFail improves resilience to transient failures.

GitHub AssistantInfo70%
10ReliabilityFinding: external without retry

Node "llama-3.1-8b" (@n8n/n8n-nodes-langchain.lmChatGroq) is a read-only external call with no retry configured.. sideEffect: read_only, role: ai_model_call. Read-only calls are typically safe to retry; enabling retryOnFail improves resilience to transient failures.

llama-3.1-8bInfo70%

Catch workflow risks before they catch you