Trust
Security & trust
Short, plain-language notes on how this catalog works. We are an open discovery site — not a hosted automation runtime.
What we store
- Public recipe metadata, markdown guides, and downloadable blueprint files.
- Contact / submit form messages delivered by email (Resend) — not a public database of your secrets.
- Optional analytics cookies only if you accept cookie preferences.
What we never want
- API keys, passwords, tokens, or private customer data in submissions or blueprints.
- Malicious webhook targets or credential-stealing nodes. Report abuse via contact.
Forms & bots
Public forms use sanitization, honeypot fields, rate limiting, and Cloudflare Turnstile where configured. That reduces spam; it does not guarantee perfect delivery.
Verified vs community
Verified means a human editorial pass with setup guidance — not a security audit of every third-party API. Community means schema-validated import or submission. Always review nodes and credentials in your own environment. Details: how we verify.
Your responsibility
- Test in non-production workspaces first.
- Scope MCP filesystem / shell servers carefully.
- Keep n8n/Make credentials in your secret store, not in shared JSON.
Report an issue
Security or abuse reports: /contact. For legal documents see Privacy and Terms.