Free CLI tool to audit common self-hosting risks on n8n

Hey everyone,

After the recent critical n8n vulnerability disclosures, I built a small Python CLI tool to help self-hosted n8n users check common security risks.

It checks:

  • n8n version exposure against recent CVEs
  • whether the instance is publicly reachable
  • missing security headers
  • Docker Compose risks
  • SQLite usage in production
  • missing Docker volumes
  • exposed port 5678
  • missing restart policy
  • missing N8N_ENCRYPTION_KEY

Usage:

pip install httpx

python3 legion_n8n_audit.py --host https://your-n8n-domain.com

Optional Docker Compose check:

python3 legion_n8n_audit.py \
--host https://your-n8n-domain.com \
--docker-compose ./docker-compose.yml

Repo:

This is not an official n8n tool.
It is just a lightweight external audit script for self-hosted setups.

Disclosure:
I offer paid hardening help for self-hosted n8n instances, but the script itself is free.

If anyone tests it, I’d appreciate feedback.

3 Likes
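To make the Docker Compose and security-header items in that checklist concrete, here is an added example of how such checks can be expressed as rules. It is not the poster's legion_n8n_audit.py and does not contact any host: it scans compose text line by line (no YAML library needed) and inspects an already-captured header dictionary. The compose files and response headers are constructed for the example; the assumptions it relies on are that the official n8n image stores its data under /home/node/.n8n, that DB_TYPE selects the database (SQLite when unset), and that the header list is the reviewer's own choice of baseline headers.

```python
"""Rule-based checks for the compose and header items in the post's checklist.
Added example, not the poster's tool. Inputs below are constructed."""
from __future__ import annotations
import re

# Constructed: a typical quick-start compose file with several checklist weaknesses.
WEAK_COMPOSE = """\
services:
  n8n:
    image: n8nio/n8n
    ports:
      - "5678:5678"
    environment:
      - N8N_HOST=n8n.example.com
      - WEBHOOK_URL=https://n8n.example.com/
"""

# Constructed: the same service with each checklist item addressed.
HARDENED_COMPOSE = """\
services:
  n8n:
    image: n8nio/n8n
    restart: unless-stopped
    ports:
      - "127.0.0.1:5678:5678"
    environment:
      - DB_TYPE=postgresdb
      - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
    volumes:
      - n8n_data:/home/node/.n8n
volumes:
  n8n_data:
"""

# Published ports written as "<host>:<container>" or "<ip>:<host>:<container>".
PORT_RE = re.compile(r'^\s*-\s*"?(?:(?P<ip>[\d.]+):)?(?P<host>\d+):5678(?:/tcp)?"?\s*$')
# Environment entries in either list form (- KEY=val) or map form (KEY: val).
ENV_RE = re.compile(r'^\s*(?:-\s*)?(?P<key>[A-Z0-9_]+)\s*[:=]\s*(?P<val>\S*)')
N8N_DATA_DIR = "/home/node/.n8n"  # assumption: data directory of the official image


def audit_compose(text: str) -> list[str]:
    """Return finding identifiers for the compose text, in checklist order."""
    env: dict[str, str] = {}
    has_restart = has_data_volume = public_port = False
    for line in text.splitlines():
        m = PORT_RE.match(line)
        if m:
            # No bind address means 0.0.0.0: reachable from every interface.
            if m.group("ip") not in ("127.0.0.1",):
                public_port = True
        if re.match(r"^\s*restart:\s*\S+", line):
            has_restart = True
        if N8N_DATA_DIR in line:
            has_data_volume = True
        m = ENV_RE.match(line)
        if m:
            env[m.group("key")] = m.group("val")

    findings = []
    if public_port:
        findings.append("PORT_5678_PUBLIC")
    if not has_restart:
        findings.append("NO_RESTART_POLICY")
    if not has_data_volume:
        findings.append("NO_DATA_VOLUME")
    if not env.get("N8N_ENCRYPTION_KEY"):
        findings.append("NO_ENCRYPTION_KEY")
    # Assumption: n8n uses SQLite unless DB_TYPE selects another database.
    if env.get("DB_TYPE", "sqlite").lower() == "sqlite":
        findings.append("SQLITE_IN_PRODUCTION")
    return findings


# Baseline response headers to expect from the reverse proxy in front of n8n.
EXPECTED_HEADERS = (
    "strict-transport-security",
    "content-security-policy",
    "x-content-type-options",
    "x-frame-options",
    "referrer-policy",
)

# Constructed: headers an unhardened proxy might return for the n8n UI.
SAMPLE_HEADERS = {"Content-Type": "text/html", "Server": "nginx",
                  "X-Frame-Options": "SAMEORIGIN"}


def audit_headers(headers: dict[str, str]) -> list[str]:
    """Return the expected security headers absent from a response (case-insensitive)."""
    present = {name.lower() for name in headers}
    return [h for h in EXPECTED_HEADERS if h not in present]


if __name__ == "__main__":
    import sys
    # Pass a compose path to audit it; otherwise the constructed weak file is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else WEAK_COMPOSE
    for finding in audit_compose(text):
        print("compose:", finding)
    for header in audit_headers(SAMPLE_HEADERS):
        print("missing header:", header)
```

The line-based matching is deliberately narrow: it recognises the common `- "host:container"` and `- "ip:host:container"` port syntaxes and `KEY=value` or `KEY: value` environment entries, which covers most hand-written compose files but not every YAML form (long-form port mappings, anchors, `env_file` contents). A script meant for general use would parse the file with a YAML library and resolve `env_file` entries before judging DB_TYPE and N8N_ENCRYPTION_KEY.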

Good attempt!!! @zerogemo

My score

1 Like

Covering SQLite in production and missing N8N_ENCRYPTION_KEY in the same audit is a smart combo - those two are responsible for a lot of silent failures in self-hosted setups. The port 5678 exposure check is genuinely useful too since a lot of fresh installs skip the reverse proxy step entirely. Nice contribution for the self-hosting community.