InfraFlow DevOps

n8n

31 automationsSaaS / DevOps

Last audit: Apr 1, 2026

Automation Health Score

52/100

Warning

AI Diagnostic

Generating diagnostic...

Issues Found

🔴

Critical

Self-Hosted Instance Memory Exhaustion

All Workflows — n8n Worker Process

The n8n worker process is consuming 95%+ of available memory, causing the execution queue to back up. OOM kills have silently dropped 23 workflow executions in the last 48 hours — including incident alerts and customer onboarding triggers. Unlike cloud platforms, self-hosted n8n requires manual infrastructure monitoring.

Recommendation: Set NODE_OPTIONS=--max-old-space-size=4096 in your n8n environment. Enable n8n's queue mode with a dedicated Redis instance to distribute execution load across multiple worker processes. Add a memory usage alert at 80% threshold.

Webhook Tunnel Expired

Inbound Webhooks — GitHub, PagerDuty, Stripe

The Cloudflare tunnel exposing your n8n webhook endpoint expired 18 hours ago. All inbound webhooks from GitHub (deploy notifications), PagerDuty (incident routing), and Stripe (payment events) are returning 502. External services are retrying but will stop after 72 hours — you have ~54 hours before data is permanently lost.

Recommendation: Restart the Cloudflare tunnel immediately with cloudflared service install to run as a persistent system service with auto-reconnect. Migrate away from ngrok to a permanent tunnel solution. After restoring, check each service's webhook delivery logs for failed events and replay them.

PostgreSQL Connection Pool Saturated

All Workflows — Database Backend

n8n's database connection pool (configured at default of 10) is fully exhausted. New workflow executions are timing out waiting for database connections. The execution history shows 47 'connection timeout' errors in the last 24 hours. Workflows appear to start but silently fail when they can't persist execution data.

Recommendation: Increase DB_POSTGRESDB_POOL_SIZE to 25 in your n8n environment config. For a long-term fix, add PgBouncer as a connection pooler between n8n and PostgreSQL. Also check for long-running transactions that may be holding connections open unnecessarily.

🟡

Warning

Credential Encryption Key Rotation Overdue

Security — N8N_ENCRYPTION_KEY

Your N8N_ENCRYPTION_KEY hasn't been rotated in 11 months. All stored credentials — API keys, OAuth tokens, database passwords — are encrypted with this key. If compromised, every integration credential in your n8n instance is exposed. Security policy requires rotation every 90 days.

Recommendation: Generate a new encryption key, export all credentials, update N8N_ENCRYPTION_KEY in your environment, and re-import credentials. Schedule this as a quarterly maintenance task. Consider storing the key in a secrets manager like Vault or AWS Secrets Manager.

Deprecated HTTP Request Node v1

8 Workflows Using Legacy Nodes

Eight workflows still use the deprecated HTTP Request node v1 which lacks retry logic, proper timeout handling, and pagination support. These workflows fail silently on transient network errors — your Slack notification workflow alone has had 12 unretried failures this month. n8n v1.30+ ships HTTP Request v4 with built-in retry and backoff.

Recommendation: Replace HTTP Request v1 nodes with v4 in all 8 workflows. Start with the Slack notification and PagerDuty workflows since those are most failure-sensitive. The v4 node has a migration path — copy the URL and headers, then configure retry on 429/5xx responses.

🔵

Info

Unused Community Node Installed

n8n-nodes-carbonejs — Document Generation

A community node for document generation (n8n-nodes-carbonejs) was installed 5 months ago and is not used in any active workflow. Community nodes increase the attack surface — they run with full n8n permissions, aren't audited by the n8n team, and can break during version upgrades.

Recommendation: Remove the unused community node via n8n Settings → Community Nodes → Uninstall. Audit all installed community nodes quarterly — only keep nodes actively used in production workflows.

Execution Data Retention Unbounded

n8n Database — Execution History

EXECUTIONS_DATA_MAX_AGE is not configured. Your execution history table has grown to 2.3 million rows (14 GB), progressively slowing down the n8n UI, increasing database backup times, and consuming disk space. The execution list page now takes 8+ seconds to load.

Recommendation: Set EXECUTIONS_DATA_MAX_AGE=168 (7 days) in your n8n environment to auto-prune old execution data. For compliance, export execution logs to an external logging service before enabling pruning. Run a one-time cleanup: DELETE FROM execution_entity WHERE "startedAt" < NOW() - INTERVAL '30 days'.