How do I build an AI agent that can "remember" previous steps or store long-term context?

I run a few n8n workflows in prod and I've been pulling templates from n8n website and GitHub. Last month I got curious about how safe they actually are if I just import them and wire my credentials. So I wrote a scanner and ran it on all of them.

12,750 templates total. 1,000 from n8n website (the top by views), 11,752 unique from the 8 biggest community repos on GitHub (88k combined stars, the ones you find when you Google "awesome n8n").

2,488 of them have at least one path where a request from the public internet ends up in a sensitive place: shell command, SQL query, AI prompt, HTTP request to an attacker-picked host. No login needed. Anyone who finds the webhook URL can hit them.

Some examples I tested end-to-end against my own synthetic targets:

What I learned that I wish someone had told me sooner: A template is not a finished product. It's a JSON file an author tested with their own credentials, on their own network, against their own threat model. None of that comes with it when you import. The view counter does not measure safety.

Before activating any community template, the two things to check first:

1. Every HTTP Request node's URL field. If it has `={{ $json.x }}` anywhere in the host part, that's an SSRF. Hardcode the host, put the dynamic part in path or query, validate it.

2. Every database node's query field. If the query string has `{{ }}` inside it, switch to the parameterised binding the node already supports.

The agent generating the SQL is not a real boundary.

Also: if the trigger is a public webhook, a public form, or a Telegram/chat bot, anyone on the internet is in your threat model. The README walkthroughs almost never say this.

If you've imported a template and now you're nervous, the post has a "what to check" section at the end. If you've shipped a template yourself, the same section is the patch list.

Just finished a build for a client. Week of work, does what they need, runs fine on my end.

Then I tried to hand it over.

They're non-technical. Like really non-technical. Anything involving accounts, API keys, that kind of stuff and they check out immediately. Sending them the workflow wasn't going to work.

So I kept it on my own instance. But now they have no idea if it's actually running(Message me every few days asking). And if something breaks that's on me at any hour.

I thought about building a small dashboard so they have something to look at. Maybe trigger it manually, see the status. But that's basically a second project on top of the first and I don't know if that's what people normally do or if I'm overcomplicating this.

Also still need to get paid. Invoice is just sitting in their email somewhere.

How do you handle this? Do you use any tools for that?

Hey guys what AI automations are selling right now ? And how to sell them and which industry shall I target I’m running an agency right now

Anyone tried the new Google model? How's it compare?

I am using a compose.yaml file to run my self-hosted n8n and I want to use the .env to store my sensitive information and use it in any workflow. I used the attribute env_file but it is still not working. When trying to create the env variable in the UI there is a warning message that says basically I have to pay to use this feature. How do you use you env variables in your workflows?

I've been heads down with n8n for a while now and I've built a decent number of workflows that are actually running in production, not just test stuff. At some point I realized most of what I learned came from breaking things repeatedly rather than any documentation or YouTube video.

So I figured I'd share some of the stuff that genuinely caught me off guard, because I see the same questions pop up here and I remember how frustrating these were when I hit them.

The expression syntax is probably the thing that messed with my head the longest. The difference between when you need double curly braces and when you don't, why a value shows up correctly in one node and then breaks in the next... that took me embarrassingly long to fully internalize. Once it clicked it became second nature but those early weeks were rough.

Error handling is the other one. I built workflows that worked perfectly for two weeks and then silently failed and I had no idea until someone told me a record was missing. Now I treat error branches as non-negotiable, not optional. Every workflow gets one. The built-in error trigger node is underused by most people starting out.

The webhook timing issues with some third party services also genuinely surprised me. Some platforms fire multiple events for what feels like one action and if your workflow isn't idempotent you end up with duplicate records everywhere. The deduplication logic I eventually settled on is something I wish someone had just handed me on day one.

And honestly the biggest thing... keeping workflows readable for future you. I've gone back to something I built four months ago and had zero idea what I was thinking. Adding sticky notes, keeping node names descriptive, splitting one giant workflow into smaller connected ones. Sounds obvious but I ignored it early on and paid for it.

None of this is groundbreaking but I genuinely think it would have saved me weeks if someone had laid it out plainly. Happy to go deeper on any of it if it's useful.

Workflow Code:
https://gist.github.com/iamvaar-dev/6544545160d058f716b121e7e38e52bc

Pre-requesties:
- Apaleo Client id and secret.

- Apaleo basic authentication key which we recieve just after creation of the dev app.

- seam.co Api key as we need it to generate smart lock pin.

- Twillio API

Workflow 1: Smart Lock PIN Generation & Notifications

This is the primary workflow that runs whenever a room is assigned to a guest.

1. When Reservation Unit Assigned (Apaleo Trigger)
   • What it does: This is the starting point. It listens for a specific webhook event from Apaleo (reservation/unit-assigned). As soon as a staff member assigns a physical room to a booking, this node triggers the automation.
2. Fetch Reservation Details (Apaleo Node)
   • What it does: It takes the ID from the trigger node and makes a request (BookingReservationsByIdGet) to Apaleo to grab the full details of the reservation, specifically the arrival and departure times needed for the smart lock.
3. Map Room ID to Lock ID (Code Node)
   • What it does: This runs custom JavaScript to match the Apaleo room string (e.g., "BER-VWD 1.001") against a hardcoded database of your physical locks. It finds the corresponding Seam locker_id and prepares a clean JSON payload containing the device ID, reservation ID, and the exact start/end times for the lock access.
4. Post Access Code to Seam (HTTP Request Node)
   • What it does: It sends a POST request to Seam's API (/access_codes/create) using the data prepared in the previous step. Seam generates a unique PIN that will automatically activate at check-in time and expire at check-out time.
5. Append PIN to Reservation Note (Apaleo Node)
   • What it does: Uses a PATCH request to update the Apaleo reservation. It takes the newly generated PIN from Seam and saves it directly into the reservation's comments/notes so hotel staff have a record of it.
6. Fetch Customer Contact Data (HTTP Request Node)
   • What it does: Makes another call to Apaleo's API using a Bearer token to pull expanded customer details, specifically the primaryGuest and booker profiles. This is required to get the guest's email address and phone number.
7. Send Email via Gmail (Gmail Node) & Send PIN via Twilio (Twilio Node)
   • What they do: The workflow splits into two parallel actions here.
     • The Gmail node takes the customer's email and sends a beautifully formatted, custom HTML email containing their secure PIN and instructions.
     • The Twilio node simultaneously takes the customer's phone number and sends a concise SMS text message with the PIN for easy access on the go.

Workflow 2: Automated API Token Rotation

Because the Apaleo Bearer token (used in the "Fetch Customer Contact Data" node) likely expires every 60 minutes, this background workflow runs independently to refresh it.

1. Every 58 Minutes Trigger (Schedule Trigger Node)
   • What it does: Acts as a cron job, firing off this secondary sequence exactly every 58 minutes.
2. Fetch Access Token (HTTP Request Node)
   • What it does: Sends a POST request to Apaleo's identity server (identity.apaleo.com/connect/token) using a static Basic Auth key to request a brand new, short-lived access token.
3. Patch API Credential (HTTP Request Node)
   • What it does: This is a clever use of the n8n API itself. It takes the fresh token fetched in the previous step and makes a PATCH request to your n8n instance. It dynamically overwrites the existing "Apaleo Bearer Auth" credential saved in n8n. This ensures that Workflow 1 always has a valid token when it needs to fetch customer data.

https://preview.redd.it/f55kb722l42h1.png?width=864&format=png&auto=webp&s=71f8aa2007c9d72d620ea2ac07584b131fd4855f

Drop a dm for the highres image....

check out the GitHub link to profile -- AxZyzz

https://preview.redd.it/ymq0u89k722h1.png?width=1024&format=png&auto=webp&s=e44ef0a4b818ffba9df2f09cc40d9a67d32d0bee

Would love to help with any new updates or changes, do let me know..

Github link to profile--- AxZyzz

Is there a way I can influence or prevent the LLM from hallucinating or 'guessing' data when extracting info?

Hey,

So I'm a fresh medical doctor and for the past few months I've been building automation workflows on Make like patient triage, WhatsApp reminders, auto-routing intake forms to the right doctor. Stuff that actually makes sense clinically because I understand the workflows from the inside.

Now I'm looking at n8n because anything touching patient data basically needs to be self hosted. Can't argue with that.

But honestly? The more I think about selling this, the more I talk myself out of it.

Doctors are scared of litigation. Like, genuinely scared. Getting them to trust a third party automation guy with patient data isn't a two call close. It's months of "let me run this by our legal team" and then silence. I'd be doing weeks of free education and hand holding before a single rupee comes in. That sales cycle sounds soul crushing.

And then there's the bigger worry that Epic, Zoho Health, and every major EMR is quietly building this stuff natively. Why would a clinic pay me when their existing software rolls it out as a feature update?

I keep getting told my clinical background is the differentiator. And okay, maybe. I do understand why a triage workflow needs to be built a certain way, not just how to connect the nodes. But is that actually enough for someone to pay thousands when Claude and built in tools exist?

I want to stick with this but I also need to earn something within a reasonable time to not lose my mind. If first income is 12 months away I'm cooked.

Anyone here who's actually sold automation to healthcare clients? How long did it take, and was the compliance angle a genuine selling point or just more friction?

Hey Makers,

Does a platform exist where n8n makers can publish their workflows and non-technical users can subscribe to get the output without setting up n8n themselves?

Looking for something like a marketplace between workflow builders and end users.

https://preview.redd.it/i6gpvnlq832h1.png?width=1920&format=png&auto=webp&s=1c5e1092f65122b1d29b3f425046822208a90751

👋 Hey n8n Community,

You might remember Mike – friend of mine who runs a small company. Most of the automations I've built over the last months have been for him and his finance colleague Sarah (duplicate invoice detector, Slack approvals, invoice classification, the whole thing).

This time it wasn't a finance problem. Mike called me last week because the company's going through a bigger hiring phase right now, and he has exactly one recruiter – let's call her Lisa – who's drowning.

The problem:

Lisa goes through dozens of CVs every day. The annoying part isn't reading them – it's that every single CV looks different. Different layouts, different sections, different orders. Some are PDFs, some are screenshots, some are exports from LinkedIn. Lisa already knows exactly what she cares about for the first-pass screen:

• Last 3 roles
• Last 3 educations
• Top 3 skills
• Location
• Years of experience
• LinkedIn link (if she wants to dig deeper)

But to extract those 6 things from a CV that's structured however the candidate felt like structuring it, she has to read the whole thing every time. Multiply by 30 a day. That's hours.

Mike asked: "Can you build her something that just shows her those 6 things, in the same format, every time?"

The build:

I wanted Lisa to be able to use this from where she already works – which is mostly Slack. So the flow ended up being:

1. Lisa drops a CV (PDF, PNG, or JPG) into a dedicated Slack channel
2. Bot picks it up, runs it through the easybits Extractor with 8 structured fields
3. Bot posts a clean summary back in the thread within ~5 seconds: name, location, years of experience, top 3 skills, last 3 roles with dates, education, salary expectations (if mentioned), LinkedIn
4. Below the summary, an action card with two buttons: 💾 Save to Sheet or Dismiss
5. Save → appends a row to a Google Sheet with all the fields split into discrete columns (sortable, filterable). Dismiss → just removes the card

The Sheet is a placeholder for now – Mike's actually still in talks with different ATS providers, so once they pick one I'll just swap the Sheets node for whatever API the ATS exposes. Same workflow shape, different endpoint.

What ended up being harder than I expected:

I had to split this into two workflows. Workflow A handles the trigger and posts the summary + card. Workflow B catches button clicks from the card and does the Sheet append. Same pattern as the Slack invoice approval I shared a while back — Slack interactivity needs its own webhook endpoint, and you can't have both a trigger and a webhook listener in the same workflow without conflicts.

The other annoying gotcha: the n8n Slack node has a bug right now where Block Kit payloads sometimes just don't render – you get the fallback text only ("Action menu") with no buttons. Worked around it by posting the action card via a direct HTTP call to chat.postMessage instead of using the Slack node. Documented this in the sticky notes so anyone running into it knows the fix.

Why CV screening fits extraction so well:

The interesting thing here is that this is exactly the kind of task that has historically been done with custom CV parsers or expensive ATS resume-parsing add-ons. But once you treat a CV as just another structured document, the easybits Extractor handles it the same way it handles invoices or contracts. 8 fields, description per field, return null when not present – same pattern I've been using all year.

The whole thing runs on the free plan since it's under 10 fields.

The templates:

• Workflow A (lookup): https://github.com/felix-sattler-easybits/n8n-workflows/blob/a8138f54ec6b225b7e90e2a66b4491c746767214/easybits-cv-slack-assistant/easybits_cv_slack_assistant_instant_summary.json
• Workflow B (save action): https://github.com/felix-sattler-easybits/n8n-workflows/blob/a8138f54ec6b225b7e90e2a66b4491c746767214/easybits-cv-slack-assistant/easybits_cv_slack_assistant_save_to_sheet_and_card_actions.json

Sticky notes cover the full setup – Slack app config, scopes, credentials, Sheet schema. Both workflows together take about 20 min to wire up if you've done a Slack integration before.

Curious if anyone else has built recruiter tooling in n8n – would love to hear what fields you found most useful, or if you've gone deeper into ATS integration than I have so far.

Best,
Felix

I am using the AI ​​Agent Node within a workflow. This node, in turn, utilizes three AI Agent Tool Nodes. I want to set the prompts for these Tool Nodes dynamically and contextually. Typically, in a linear workflow, I would load or define the prompt beforehand; however, the Tool Nodes are isolated from the "preceding" nodes. Are there still ways to achieve this?

Quick share for anyone still on the fence.

Before this, my workflow was the usual dance. I’d go on claude.ai, describe what I wanted to build, copy the JSON, paste it into n8n, watch it fail, go back to Claude to debug, paste the error, get a fix, try again. It worked but it was slow and I was the bottleneck.
Then I installed n8n-MCP (the one from czlonkowski on GitHub, pretty well known in the community now) and plugged it into Claude Code. Honestly it changed how I work.

Now I just write a clear prompt. Claude reads the MCP, picks the right nodes, builds the workflow, deploys it, checks if it ran, sees where it failed, fixes itself and iterates until the thing actually works. I just sit there, test the output, tell it what to tweak, what I prefer, and move on. I’m basically a reviewer now. A guy who checks if it works and gives directions.

Productivity is roughly 5x for me. Workflows I would have given up on a few months ago I now ship in an afternoon. Stuff with weird branching, custom code nodes, error handling, all of it.

That said, there’s a thing that bugs me a bit. I miss the craft. Before, I was building these workflows by hand, breaking them, fixing them, and there was a real satisfaction when it finally clicked. Now it’s faster and more reliable but that feeling is mostly gone. And honestly I’m a little scared of losing my hands-on skills. I still keep the logic in my head, I still know why a workflow is structured a certain way, but the muscle memory of actually building it node by node, that’s fading.

Now here’s the thing I really want to say, especially to people just getting into automation.

I’m genuinely glad I learned n8n the hard way. Manually, iterating, failing, rebuilding, getting actual results at the end. Because that’s what makes the AI agent useful in the first place. If you already did the craft, if you already wrote workflows by hand, broke them, tested them, fixed them, then when you switch to Claude Code or any coding agent your productivity goes through the roof and you make way fewer mistakes than someone who never built anything themselves. You can actually dictate what you want because you know what’s possible.

Think about someone who spent three hours on n8n and jumps straight into an agent. What are they going to tell it? Nothing useful. They don’t know the field of possibilities. They don’t know what n8n can or can’t do, so they can’t ask for the right thing.
Same logic for code. If you want to vibe code, fine, but at least master one programming language first. Do it the hard way. Build stuff manually. Break it. Get frustrated. Because in the end you’ll have a real mental map of what’s possible, you’ll spot bugs faster, and you’ll get way more out of the agent.
The combo is craft first, agent second. Not the other way around.

Curious if anyone else feels the same tension between speed and craft. And if you’re using n8n-MCP too, drop your setup, always interested in how other people prompt this thing.