feat(skill): add local n8n webhook skill draft
This commit is contained in:
zap
78
skills/n8n-webhook/SKILL.md
Normal file
78
skills/n8n-webhook/SKILL.md
Normal file
@@ -0,0 +1,78 @@
|
||||
---
|
||||
name: n8n-webhook
|
||||
description: Trigger authenticated local n8n webhooks on the LAN for OpenClaw-to-n8n integration. Use when calling safe, narrow workflows on the dedicated local n8n-agent instance, such as ping/test endpoints, action-bus style workflows, notifications, logging, or other preapproved webhook entrypoints. Do not use for broad n8n admin/API management, workflow mutation, credential management, or unrestricted orchestration.
|
||||
---
|
||||
|
||||
# N8n Webhook
|
||||
|
||||
Use this skill to call the local `n8n-agent` webhook surface on:
|
||||
|
||||
- `http://192.168.153.113:18808` (primary LAN)
|
||||
- `http://100.123.88.127:18808` (Tailscale)
|
||||
|
||||
Keep the integration narrow: let OpenClaw decide what to do, and let n8n execute a small set of explicit workflows.
|
||||
|
||||
## Policy
|
||||
|
||||
1. Prefer named webhook entrypoints over generic admin APIs.
|
||||
2. Send JSON and expect JSON back.
|
||||
3. Use header auth by default (`x-openclaw-secret`).
|
||||
4. Use `/webhook-test/` only while building/editing a workflow.
|
||||
5. Surface non-2xx responses clearly instead of pretending success.
|
||||
6. If a new workflow is needed, define its request/response contract before wiring callers.
|
||||
|
||||
## Quick usage
|
||||
|
||||
Set the shared secret once for the shell session:
|
||||
|
||||
```bash
|
||||
export N8N_WEBHOOK_SECRET='replace-me'
|
||||
```
|
||||
|
||||
Call a production webhook:
|
||||
|
||||
```bash
|
||||
scripts/call-webhook.sh openclaw-ping --data '{"message":"hello from OpenClaw"}'
|
||||
```
|
||||
|
||||
Call a test webhook while editing a flow:
|
||||
|
||||
```bash
|
||||
scripts/call-webhook.sh openclaw-ping --test --data '{"message":"hello from OpenClaw"}'
|
||||
```
|
||||
|
||||
Pretty-print JSON response:
|
||||
|
||||
```bash
|
||||
scripts/call-webhook.sh openclaw-ping --pretty --data '{"message":"hello"}'
|
||||
```
|
||||
|
||||
## Workflow
|
||||
|
||||
### Call an existing safe webhook
|
||||
|
||||
1. Confirm the target webhook path is already intended for agent use.
|
||||
2. Use `scripts/call-webhook.sh` with JSON input.
|
||||
3. Treat any non-2xx response as a failure that needs investigation.
|
||||
|
||||
Current known endpoint:
|
||||
|
||||
- `openclaw-ping` — basic end-to-end connectivity check
|
||||
|
||||
### Add a new webhook-backed capability
|
||||
|
||||
1. Write down the webhook path, required auth, request JSON, and response JSON.
|
||||
2. If the shape is more than trivial, read `references/payloads.md` first.
|
||||
3. Keep the first version small and explicit.
|
||||
4. Only add the new endpoint to regular use after a successful `/webhook-test/` run.
|
||||
|
||||
## Environment variables
|
||||
|
||||
- `N8N_BASE_URL` — override base URL (default `http://192.168.153.113:18808`)
|
||||
- `N8N_WEBHOOK_SECRET` — required shared secret for authenticated calls
|
||||
- `N8N_SECRET_HEADER` — header name (default `x-openclaw-secret`)
|
||||
|
||||
## Resources
|
||||
|
||||
- `scripts/call-webhook.sh` — authenticated POST helper for local n8n webhooks
|
||||
- `references/payloads.md` — suggested request/response contracts and naming conventions
|
||||
Reference in New Issue
Block a user