Skip to content

Trust

Security & trust

Short, plain-language notes on how this catalog works. We are an open discovery site — not a hosted automation runtime.

What we store

  • Public recipe metadata, markdown guides, and downloadable blueprint files.
  • Contact / submit form messages delivered by email (Resend) — not a public database of your secrets.
  • Optional analytics cookies only if you accept cookie preferences.

What we never want

  • API keys, passwords, tokens, or private customer data in submissions or blueprints.
  • Malicious webhook targets or credential-stealing nodes. Report abuse via contact.

Forms & bots

Public forms use sanitization, honeypot fields, rate limiting, and Cloudflare Turnstile where configured. That reduces spam; it does not guarantee perfect delivery.

Verified vs community

Verified means a human editorial pass with setup guidance — not a security audit of every third-party API. Community means schema-validated import or submission. Always review nodes and credentials in your own environment. Details: how we verify.

Your responsibility

  • Test in non-production workspaces first.
  • Scope MCP filesystem / shell servers carefully.
  • Keep n8n/Make credentials in your secret store, not in shared JSON.

Report an issue

Security or abuse reports: /contact. For legal documents see Privacy and Terms.