github-mirror/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2026-06-03 02:07:06 +02:00
Code Issues Actions 15 Packages Projects Releases Wiki Activity Graph

fix(core): Move instance AI builds to a skill (#31412)

Browse Source
This commit is contained in:
Albert Alises 2026-06-02 18:06:00 +02:00 committed by GitHub
parent bfff25f05d
commit 332d2df44e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
89 changed files with 2849 additions and 7474 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/@n8n/api-types/src/index.ts
View File

@ -312,7 +312,6 @@ export {
GATEWAY_CONFIRMATION_REQUIRED_PREFIX,
InstanceAiSendMessageRequest,
InstanceAiEvalExecutionRequest,
InstanceAiEvalSubAgentRequest,
instanceAiGatewayKeySchema,
InstanceAiGatewayEventsQuery,
InstanceAiEventsQuery,
@ -400,9 +399,6 @@ export type {
InstanceAiEvalMockedCredential,
InstanceAiEvalRewrittenCredential,
InstanceAiEvalExecutionResult,
InstanceAiEvalToolCall,
InstanceAiEvalToolResult,
InstanceAiEvalSubAgentResponse,
} from './schemas/instance-ai.schema';
export {

7
packages/@n8n/api-types/src/schemas/__tests__/agent-run-reducer.test.ts
View File

@ -334,12 +334,17 @@ describe('agent-run-reducer', () => {
it('applies rich render hints to background agent tools', () => {
const state = stateWithRun('run-1', 'root');
reduceEvent(state, makeToolCall('run-1', 'root', 'tc-builder', 'build-workflow-with-agent'));
reduceEvent(state, makeToolCall('run-1', 'root', 'tc-builder', 'build-workflow'));
reduceEvent(
state,
makeToolCall('run-1', 'root', 'tc-legacy-builder', 'build-workflow-with-agent'),
);
reduceEvent(state, makeToolCall('run-1', 'root', 'tc-research', 'research-with-agent'));
reduceEvent(state, makeToolCall('run-1', 'root', 'tc-eval-setup', 'eval-setup-with-agent'));
reduceEvent(state, makeToolCall('run-1', 'root', 'tc-skill', 'load_skill'));
expect(state.toolCallsById['tc-builder'].renderHint).toBe('builder');
expect(state.toolCallsById['tc-legacy-builder'].renderHint).toBe('builder');
expect(state.toolCallsById['tc-research'].renderHint).toBe('researcher');
expect(state.toolCallsById['tc-eval-setup'].renderHint).toBe('eval-setup');
expect(state.toolCallsById['tc-skill'].renderHint).toBe('skill');

40
packages/@n8n/api-types/src/schemas/instance-ai.schema.ts
View File

@ -1051,7 +1051,7 @@ export interface InstanceAiModelCredential {
export function getRenderHint(toolName: string): InstanceAiToolCallState['renderHint'] {
if (toolName === 'task-control') return 'tasks';
if (toolName === 'delegate') return 'delegate';
if (toolName === 'build-workflow-with-agent') return 'builder';
if (toolName === 'build-workflow' || toolName === 'build-workflow-with-agent') return 'builder';
if (toolName === 'research-with-agent') return 'researcher';
if (toolName === 'plan') return 'planner';
if (toolName === 'eval-setup-with-agent') return 'eval-setup';
@ -1167,41 +1167,3 @@ export class InstanceAiEvalExecutionRequest extends Z.class({
*/
pinNodes: z.array(z.string().min(1)).max(50).optional(),
}) {}
// ---------------------------------------------------------------------------
// Sub-agent evaluation endpoint
// ---------------------------------------------------------------------------
export class InstanceAiEvalSubAgentRequest extends Z.class({
/** Role name from the server's sub-agent registry (currently: "builder"). */
role: z.string().min(1).max(64),
/** The task the sub-agent should perform. */
prompt: z.string().min(1).max(10_000),
/** Optional model override. Defaults to the server's configured Instance AI model. */
modelId: z.string().min(1).optional(),
/** Max agent steps. Defaults to 40. */
maxSteps: z.number().int().positive().max(200).optional(),
/** Per-run timeout in ms. Defaults to 120_000. Max: 600_000. */
timeoutMs: z.number().int().positive().max(600_000).optional(),
}) {}
export interface InstanceAiEvalToolCall {
toolName: string;
args: unknown;
}
export interface InstanceAiEvalToolResult {
toolName: string;
result: unknown;
isError: boolean;
}
export interface InstanceAiEvalSubAgentResponse {
text: string;
toolCalls: InstanceAiEvalToolCall[];
toolResults: InstanceAiEvalToolResult[];
capturedWorkflowIds: string[];
durationMs: number;
stopReason?: string;
error?: string;
}

17
packages/@n8n/instance-ai/docs/architecture.md
View File

@ -132,7 +132,6 @@ prompts written by the orchestrator.
```mermaid
graph TD
O[Orchestrator Agent] -->|delegate| S1[Sub-Agent: role A]
O -->|build-workflow-with-agent| S2[Builder Agent]
O -->|plan| S3[Planned Tasks]
O -->|direct| T1[list-workflows]
O -->|direct| T2[run-workflow]
@ -140,17 +139,16 @@ graph TD
O -->|direct| T4[plan]
O -->|direct| T5[data-tables]
S3 -->|kind: build-workflow| S4[Builder Agent]
S3 -->|kind: build-workflow| S4[Orchestrator Follow-Up]
S3 -->|kind: delegate| S7[Custom Sub-Agent]
S1 -->|tools| T6[get-execution]
S1 -->|tools| T7[get-workflow]
S2 -->|tools| T8[search-nodes]
S2 -->|tools| T9[build-workflow]
S4 -->|tools| T8[search-nodes]
S4 -->|tools| T9[build-workflow]
style O fill:#f9f,stroke:#333
style S1 fill:#bbf,stroke:#333
style S2 fill:#bbf,stroke:#333
style S3 fill:#ffa,stroke:#333
style S4 fill:#bbf,stroke:#333
style S7 fill:#bbf,stroke:#333
@ -162,14 +160,13 @@ graph TD
- Planning (plan tool — always direct)
- Verification and credential application (verify-built-workflow, apply-workflow-credentials)
**Single-task delegation** (`delegate`, `build-workflow-with-agent`):
- Complex multi-step operations (building workflows, debugging failures)
**Single-task delegation** (`delegate`):
- Complex multi-step operations that are not handled by a planned build follow-up
- Tasks that benefit from clean context (no accumulated noise)
- Builder agent runs as a background task — returns immediately
**Multi-task plans** (`plan` tool):
- Dependency-aware task graphs with parallel execution
- Each task dispatched to a preconfigured executor (builder, checkpoint, or delegate)
- Each task dispatched to a preconfigured executor (build-workflow, checkpoint, or delegate)
- User approves the plan before execution starts
The orchestrator decides what to delegate based on complexity — simple reads
@ -183,7 +180,7 @@ The agent package — framework-agnostic business logic.
- **Agent factory** (`agent/`) — creates orchestrator instances with tools, memory, MCP, and tool search
- **Sub-agent factory** (`agent/`) — creates stateless sub-agents with mandatory protocol and tool subsets
- **Orchestration tools** (`tools/orchestration/`) — `plan`, `delegate`, `build-workflow-with-agent`, `update-tasks`, `cancel-background-task`, `correct-background-task`, `verify-built-workflow`, `report-verification-verdict`, `apply-workflow-credentials`
- **Orchestration tools** (`tools/orchestration/`) — `plan`, `delegate`, `update-tasks`, `cancel-background-task`, `correct-background-task`, `verify-built-workflow`, `report-verification-verdict`, `apply-workflow-credentials`
- **Domain tools** (`tools/`) — native tools across workflows, executions, credentials, nodes, data tables, workspace, web research, filesystem, templates, and best practices
- **Runtime** (`runtime/`) — stream execution engine, resumable streams with HITL suspension, background task manager, run state registry
- **Planned tasks** (`planned-tasks/`) — task graph coordination, dependency resolution, scheduled execution

2
packages/@n8n/instance-ai/docs/configuration.md
View File

@ -14,6 +14,8 @@ All Instance AI configuration is done via environment variables.
| `N8N_INSTANCE_AI_MCP_SERVERS` | string | `''` | Comma-separated MCP server configs. Format: `name=url,name=url` |
| `N8N_INSTANCE_AI_SUB_AGENT_MAX_STEPS` | number | `100` | Maximum LLM reasoning steps for sub-agents spawned via delegate tool |
| `N8N_INSTANCE_AI_LOCAL_GATEWAY_DISABLED` | boolean | `false` | Disable the local gateway (filesystem, shell, browser) for all users |
| `N8N_INSTANCE_AI_ENFORCE_CREATE_TASKS_REPLAN` | boolean | `true` | Reject `create-tasks` outside replan contexts unless the request explicitly bypasses planner discovery. |
| `N8N_INSTANCE_AI_ENFORCE_BUILD_VIA_PLAN` | boolean | `true` | Reject direct `build-workflow` calls unless they run from an approved plan or explicitly allowed build context. |
### Tracing

3
packages/@n8n/instance-ai/docs/memory.md
View File

@ -93,8 +93,7 @@ All memory is thread-scoped (isolated per conversation):
### Sub-agent memory
Sub-agents are fully stateless — context is passed via the briefing and
`conversationContext` fields in the `delegate` and `build-workflow-with-agent`
tools.
`conversationContext` fields in the `delegate` tool.
Past failed attempts are tracked via the `IterationLog` (stored in thread
metadata) and appended to sub-agent briefings on retry, providing cross-attempt

30
packages/@n8n/instance-ai/docs/tools.md
View File

@ -43,7 +43,7 @@ for approval before execution starts.
- On denial: returns feedback for the LLM to revise the plan
**Task kinds** map to executors:
- `build-workflow`workflow builder agent (sandbox or tool mode)
- `build-workflow`orchestrator follow-up run using the workflow-builder skill
- `delegate` → custom sub-agent with orchestrator-specified tool subset
- `checkpoint` → orchestrator-executed verification step
@ -88,34 +88,6 @@ tracking during synchronous work.
**Behavior**: Saves to storage, publishes `tasks-update` event for live UI refresh.
### `build-workflow-with-agent`
Spawn a specialized builder sub-agent as a background task. Returns immediately —
the builder runs detached from the orchestrator.
| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `task` | string | yes | What to build and any context |
| `workflowId` | string | no | Existing workflow ID to modify |
| `conversationContext` | string | no | What user already knows |
**Returns**: `{ result: string }` — contains task ID for background tracking.
**Two modes** (selected based on sandbox availability):
- **Sandbox mode** (`N8N_INSTANCE_AI_SANDBOX_ENABLED=true`): agent writes TypeScript
to `~/workspace/src/workflow.ts`, runs `tsc` for validation, and calls `submit-workflow`.
Gets filesystem and `execute_command` tools from the workspace.
- **Tool mode** (fallback): agent uses string-based `build-workflow` tool with
`get-node-type-definition`, `get-workflow-as-code`, `search-nodes`.
Both modes: max 30 steps, publishes events to the event bus, non-blocking.
**Sandbox-only tools** (not in `createAllTools`, only available to the builder):
- `submit-workflow` — reads TypeScript from sandbox, parses/validates, resolves credentials, saves
- `materialize-node-type` — fetches `.d.ts` definitions and writes to sandbox for `tsc`
- `write-sandbox-file` — writes files to sandbox workspace (path-traversal protected)
### `cancel-background-task` *(conditional)*
Cancel a running background task by its ID.

99
packages/@n8n/instance-ai/evaluations/README.md
View File

@ -5,19 +5,19 @@ Tests whether workflows built by Instance AI actually work by executing them wit
Four harnesses live here:
- **`eval:instance-ai`** — end-to-end build + mocked execution + LLM verification (drives a running n8n instance)
- **`eval:subagent`** — builder sub-agent against live n8n, scored by binary checks (drives a running n8n instance)
- **`eval:subagent`** — compatibility corpus that drives the live orchestrator build path, scored by binary checks
- **`eval:discovery`** — orchestrator in-process, scored against required or forbidden tool/dispatch events (no n8n server)
- **`eval:pairwise`** — builder sub-agent in-process, scored by an LLM judge panel against do/don't lists (no n8n server). Intended for head-to-head comparison with `ai-workflow-builder.ee` on the same dataset
- **`eval:pairwise`** — live orchestrator workflow builds, scored by an LLM judge panel against do/don't lists. Intended for head-to-head comparison with `ai-workflow-builder.ee` on the same dataset
Sections:
- [Running e2e + sub-agent evals](#running-evals)
- [Running e2e + workflow-build evals](#running-evals)
- [Regression detection](#regression-detection)
- [Running evals against pre-built workflows](#running-evals-against-pre-built-workflows)
- [Running discovery evals](#discovery-evals)
- [Running pairwise evals](#pairwise-evals)
- [How the e2e harness works](#how-the-e2e-harness-works)
- [How the sub-agent harness works](#how-the-sub-agent-harness-works)
- [How the workflow-build harness works](#how-the-workflow-build-harness-works)
## Running evals
@ -331,71 +331,51 @@ criteria using an LLM judge panel (3 judges by default, majority vote on
`pairwise_primary`, mean fraction of criteria satisfied on
`pairwise_diagnostic`). The point is **head-to-head comparison with
`ai-workflow-builder.ee`** on the same dataset (default
`notion-pairwise-workflows`), so the judge panel, defaults, and metric keys
`instance-ai-builder-from-plans`), so the judge panel, defaults, and metric keys
are imported from that package directly.
Unlike the e2e and sub-agent harnesses, pairwise runs the **builder
sub-agent in-process** — no n8n server, no Docker, no live workflow service.
Stub services capture `createFromWorkflowJSON` calls; HITL suspensions are
auto-approved.
Pairwise drives the same live orchestrator chat/build path as the workflow-build
evals, then scores the captured workflow with the pairwise judge panel.
### Quick start
```bash
# From packages/@n8n/instance-ai/
# 1. Local fixture (small smoke set, no LangSmith required)
N8N_AI_ANTHROPIC_KEY="$ANTHROPIC_API_KEY" pnpm eval:pairwise --judges 1
# 1. Small LangSmith smoke set against a running n8n instance
LANGSMITH_API_KEY=... N8N_AI_ANTHROPIC_KEY="$ANTHROPIC_API_KEY" \
pnpm eval:pairwise --judges 1 --max-examples 3
# 2. Full LangSmith dataset
LANGSMITH_API_KEY=... N8N_AI_ANTHROPIC_KEY="$ANTHROPIC_API_KEY" \
pnpm eval:pairwise:langsmith --judges 3
pnpm eval:pairwise --judges 3
# 3. Rerun a specific subset (one example ID per line; #-prefixed lines ignored)
pnpm eval:pairwise:langsmith \
pnpm eval:pairwise \
--example-ids-file .output/pairwise/failed-ids.txt \
--output-dir .output/pairwise/rerun
```
### Sandbox
### Target instance
Pairwise evals always run inside a sandbox — the same path production uses.
The agent writes TypeScript to a builder root under the shared sandbox
workspace, runs `tsc` to validate, and calls `submit-workflow` to save the
parsed `WorkflowJSON`. This exercises the production builder agent end-to-end
(sandbox prompt, file I/O, real type checking).
Required env vars (Daytona provider — the default):
Pairwise evals require a running n8n instance with the eval login environment
configured. The CLI talks to `N8N_EVAL_BASE_URL` or `http://localhost:5678` by
default.
```bash
ANTHROPIC_API_KEY=sk-ant-... # builder + judge LLM
LANGSMITH_API_KEY=ls__... # only for --backend langsmith
DAYTONA_API_URL=https://app.daytona.io/api
DAYTONA_API_KEY=dtn_...
# Optional
N8N_INSTANCE_AI_SANDBOX_PROVIDER=daytona # default; set 'local' or 'n8n-sandbox' to switch
N8N_INSTANCE_AI_SANDBOX_IMAGE=daytonaio/sandbox:0.5.0 # default
N8N_INSTANCE_AI_SANDBOX_TIMEOUT=300000 # per-command timeout (ms)
N8N_EVAL_BASE_URL=http://localhost:5678
N8N_EVAL_EMAIL=user@example.com
N8N_EVAL_PASSWORD=...
LANGSMITH_API_KEY=ls__...
N8N_AI_ANTHROPIC_KEY=sk-ant-... # or ANTHROPIC_API_KEY for the judge LLM
```
The CLI fails fast at startup if the chosen provider is misconfigured (e.g.,
Daytona selected without API URL/key). The chosen provider is recorded under
`summary.json → sandbox.provider`.
> **Daytona cold-start.** The very first sandbox creation triggers an image
> build on Daytona's side (`npm install` for `@n8n/workflow-sdk`). That can
> exceed the SDK's 5-minute create timeout and fail with `Sandbox failed to
> become ready within the timeout period`. Once the image is cached, later
> runs are fast. Workaround: pre-build the image via the Daytona dashboard
> before kicking off a full eval run.
### Flags
| Flag | Default | Description |
|------|---------|-------------|
| `--backend` | `local` | `local` reads `evaluations/data/pairwise/local.json`; `langsmith` pulls from the LangSmith dataset |
| `--dataset` | `notion-pairwise-workflows` | LangSmith dataset name (langsmith backend only) |
| `--dataset` | `instance-ai-builder-from-plans` | LangSmith dataset name |
| `--examples-jsonl` | — | Load examples from a previous `results.jsonl` instead of LangSmith |
| `--judges` | `3` | Number of judges in the LLM panel |
| `--judge-model` | `claude-sonnet-4-5-20250929` | LangChain model id for the judge LLM |
| `--iterations` | `1` | Run each example N times — for measuring judge / build variance |
@ -405,6 +385,8 @@ Daytona selected without API URL/key). The chosen provider is recorded under
| `--timeout-ms` | `1200000` | Per-example build timeout |
| `--output-dir` | `.output/pairwise/<iso>` | Where to write artifacts |
| `--experiment-name` | `pairwise-evals-instance-ai` | LangSmith experiment label |
| `--base-url` | `N8N_EVAL_BASE_URL` or `http://localhost:5678` | n8n instance URL |
| `--keep-workflows` | `false` | Keep generated workflows instead of deleting them after scoring |
| `--verbose` | `false` | Per-example log lines |
### Outputs
@ -415,20 +397,11 @@ Each run writes a self-contained directory:
.output/pairwise/<run>/
├── summary.json # totals: pass rate, avg diagnostic, build failures by class, interactivity counters
├── results.jsonl # one line per example: prompt, dos/donts, captured workflow, build metadata, feedback rows
├── workflows/<id>.json # normalized workflow JSON (matches SimpleWorkflow shape from ai-workflow-builder.ee)
└── chunks/<id>_<iter>.jsonl # per-example agent trace: tool-calls, tool-results, suspensions, final text
└── workflows/<id>.json # normalized workflow JSON (matches SimpleWorkflow shape from ai-workflow-builder.ee)
```
The `chunks/*.jsonl` traces are the primary tool for root-causing build
failures. Each line is one event: `tool-call`, `tool-result`, `suspension`,
`auto-approve`, `text`, `stream-finish`, `captured-workflows`, `error`.
When `LANGSMITH_API_KEY` is set, feedback is also posted to LangSmith with
metric keys `pairwise_primary`, `pairwise_diagnostic`,
`pairwise_judges_passed`, `pairwise_total_passes`, `pairwise_total_violations`,
and per-judge `judge1..N`. Experiment metadata includes
`builder: 'instance-ai'` so it can be queried alongside the
`ai-workflow-builder.ee` baseline.
Feedback stays in the local output files. Upload to LangSmith is a separate
step via `scripts/upload-pairwise-to-langsmith.ts`.
### Build failure classes
@ -495,15 +468,14 @@ reliable signal. Two specific things to know:
No real credentials or API connections are needed. ~95% of node types are covered; the main gaps are binary-data nodes (file attachments, image generation) and streaming nodes.
## How the sub-agent harness works
## How the workflow-build harness works
1. The CLI logs in to n8n with `N8N_EVAL_EMAIL` / `N8N_EVAL_PASSWORD`.
2. For each test case it POSTs `/rest/instance-ai/eval/run-sub-agent`.
3. The server builds a real `InstanceAiContext` via `InstanceAiAdapterService.createContext`, wraps the workflow service to record created IDs, resolves the `builder` (or other) role's system prompt, instantiates the sub-agent with the full `createAllTools(context)` tool surface, and runs it to completion.
4. The server returns `{ text, toolCalls, toolResults, capturedWorkflowIds, ... }`.
5. The CLI fetches each captured workflow via `GET /rest/workflows/:id` (this doubles as a round-trip check through the real importer), scores it with the binary-check suite, and archives+deletes it (unless `--keep-workflows`).
2. For each test case it sends the prompt through the normal Instance AI orchestrator chat flow.
3. The orchestrator loads the workflow-builder skill guidance, uses the live build tools, and saves the workflow through the real workflow service.
4. The CLI reads the built workflow from the orchestrator outcome, scores it with the binary-check suite, and archives+deletes it (unless `--keep-workflows`).
No tools, services, or workflow imports are mocked. The server path exercised here is the same one the orchestrator takes when it spawns a builder sub-agent.
No tools, services, or workflow imports are mocked. The `eval:subagent` command name is retained for compatibility, but the runtime path is workflow-build/orchestrator-backed.
## LangSmith integration
@ -596,9 +568,10 @@ evaluations/
├── clients/ # n8n REST + SSE clients
├── checklist/ # LLM verification with retry
├── credentials/ # Test credential seeding
├── data/workflows/ # e2e/sub-agent test case JSON files
├── data/workflows/ # e2e test case JSON files
├── data/subagent/ # workflow-build compatibility fixture JSON files
├── data/pairwise/ # Local pairwise fixture (small smoke set)
├── harness/ # Runners: buildWorkflow + executeScenario (e2e), in-process-builder (pairwise)
├── harness/ # Runners: buildWorkflow + executeScenario (e2e), in-memory event bus (discovery)
├── langsmith/ # Dataset sync + experiment setup
├── outcome/ # SSE event parsing, workflow discovery
├── report/ # HTML report generator

4
packages/@n8n/instance-ai/evaluations/__tests__/data-discovery.test.ts
View File

@ -23,7 +23,7 @@ describe('loadDiscoveryTestCasesWithFiles', () => {
'screenshot-dashboard',
'http-node-config-no-browser',
'oauth-with-computer-use-disabled',
'planner-no-credential-ask',
'workflow-builder-no-credential-ask',
]),
);
});
@ -34,7 +34,7 @@ describe('loadDiscoveryTestCasesWithFiles', () => {
'screenshot-dashboard',
'http-node-config-no-browser',
'oauth-with-computer-use-disabled',
'planner-no-credential-ask',
'workflow-builder-no-credential-ask',
])('%s parses with a valid expectedToolInvocations rule', (slug) => {
const entry = cases.find((c) => c.fileSlug === slug);
expect(entry).toBeDefined();

142
packages/@n8n/instance-ai/evaluations/__tests__/subagent-runner.test.ts Normal file
View File

@ -0,0 +1,142 @@
jest.mock('../harness/runner', () => ({
buildWorkflow: jest.fn(),
cleanupBuild: jest.fn(),
}));
jest.mock('../binaryChecks/index', () => ({
runBinaryChecks: jest.fn(),
}));
import { runBinaryChecks } from '../binaryChecks/index';
import type { N8nClient, WorkflowResponse } from '../clients/n8n-client';
import { buildWorkflow, cleanupBuild, type BuildResult } from '../harness/runner';
import { runWorkflowBuildEval } from '../subagent/runner';
const mockedBuildWorkflow = jest.mocked(buildWorkflow);
const mockedCleanupBuild = jest.mocked(cleanupBuild);
const mockedRunBinaryChecks = jest.mocked(runBinaryChecks);
function makeWorkflow(): WorkflowResponse {
return {
id: 'wf-1',
name: 'Built workflow',
active: false,
versionId: 'version-1',
nodes: [],
connections: {},
};
}
function makeClient(): N8nClient {
return {} as N8nClient;
}
describe('runWorkflowBuildEval', () => {
beforeEach(() => {
jest.clearAllMocks();
mockedCleanupBuild.mockResolvedValue(undefined);
mockedRunBinaryChecks.mockResolvedValue({
feedback: [
{
evaluator: 'binary-checks',
metric: 'pass_rate',
score: 1,
kind: 'score',
},
],
outcomes: [],
});
});
it('runs workflow-build fixtures through the orchestrator build harness', async () => {
const workflow = makeWorkflow();
const build: BuildResult = {
success: true,
workflowId: workflow.id,
workflowJsons: [workflow],
createdWorkflowIds: [workflow.id],
createdDataTableIds: [],
transcript: [{ agentText: 'Built the workflow.', toolInteractions: [] }],
};
mockedBuildWorkflow.mockResolvedValue(build);
const client = makeClient();
const preRunWorkflowIds = new Set(['existing-workflow']);
const claimedWorkflowIds = new Set<string>();
const result = await runWorkflowBuildEval(
{
id: 'case-1',
prompt: 'Build a webhook workflow',
},
{
modelId: 'anthropic/test-model',
timeoutMs: 1234,
verbose: false,
},
{
client,
deleteAfterRun: true,
preRunWorkflowIds,
claimedWorkflowIds,
},
);
expect(mockedBuildWorkflow).toHaveBeenCalledWith(
expect.objectContaining({
client,
conversation: [{ role: 'user', text: 'Build a webhook workflow' }],
timeoutMs: 1234,
preRunWorkflowIds,
claimedWorkflowIds,
skipWorkflowChecks: true,
}),
);
expect(mockedRunBinaryChecks).toHaveBeenCalledWith(
workflow,
expect.objectContaining({
prompt: 'Build a webhook workflow',
modelId: 'anthropic/test-model',
agentTextResponse: 'Built the workflow.',
}),
);
expect(mockedCleanupBuild).toHaveBeenCalledWith(client, build, expect.any(Object));
expect(result.text).toBe('Built the workflow.');
expect(result.capturedWorkflows).toHaveLength(1);
expect(result.error).toBeUndefined();
});
it('returns failed feedback when the orchestrator produces no workflow', async () => {
const build: BuildResult = {
success: false,
error: 'No workflow produced',
workflowJsons: [],
createdWorkflowIds: [],
createdDataTableIds: [],
};
mockedBuildWorkflow.mockResolvedValue(build);
const client = makeClient();
const result = await runWorkflowBuildEval(
{ id: 'case-2', prompt: 'Build nothing' },
{ timeoutMs: 1234, verbose: false },
{
client,
deleteAfterRun: true,
preRunWorkflowIds: new Set(),
claimedWorkflowIds: new Set(),
},
);
expect(mockedRunBinaryChecks).not.toHaveBeenCalled();
expect(mockedCleanupBuild).toHaveBeenCalledWith(client, build, expect.any(Object));
expect(result.error).toBe('No workflow produced');
expect(result.feedback).toEqual(
expect.arrayContaining([
expect.objectContaining({ metric: 'run_error', score: 0 }),
expect.objectContaining({ metric: 'workflow_produced', score: 0 }),
]),
);
});
});

208
packages/@n8n/instance-ai/evaluations/cli/pairwise.ts
View File

@ -1,17 +1,16 @@
// ---------------------------------------------------------------------------
// Pairwise eval CLI for instance-ai.
//
// Pulls the pairwise dataset (default: notion-pairwise-workflows) from
// LangSmith or a local file, builds one workflow per example via the
// in-process instance-ai agent, and scores the result with the same
// pairwise judge panel used by ai-workflow-builder.ee.
// Pulls the pairwise dataset from LangSmith or a local file, builds one
// workflow per example via the normal Instance AI orchestrator, and scores it
// with the same pairwise judge panel used by ai-workflow-builder.ee.
//
// Results are written to an output directory so a later step can build
// a head-to-head comparison report against the ai-workflow-builder.ee
// baseline.
// ---------------------------------------------------------------------------
/* eslint-disable @typescript-eslint/no-redundant-type-constituents, @typescript-eslint/no-base-to-string */
/* eslint-disable @typescript-eslint/no-redundant-type-constituents, @typescript-eslint/no-base-to-string, @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-argument */
// `SimpleWorkflow` is imported from `ai-workflow-builder.ee` via deep relative
// paths; the `@/*` alias used inside that package collides with instance-ai's
// own `@/*` mapping during transitive type-checking, so the type resolves to
@ -21,7 +20,6 @@
import { ChatAnthropic } from '@langchain/anthropic';
import type { BaseChatModel } from '@langchain/core/language_models/chat_models';
import { Client as LangSmithClient } from 'langsmith';
import { nanoid } from 'nanoid';
import { promises as fs, readFileSync } from 'node:fs';
import path from 'node:path';
import pLimit from 'p-limit';
@ -33,22 +31,14 @@ import {
type SimpleWorkflow,
} from '../../../ai-workflow-builder.ee/evaluations/evaluators/pairwise';
import { DEFAULTS } from '../../../ai-workflow-builder.ee/evaluations/support/constants';
import { buildSubAgentBriefing } from '../../src/agent/sub-agent-briefing';
import { DETACHED_BUILDER_REQUIREMENTS } from '../../src/tools/orchestration/build-workflow-agent.tool';
import type { SandboxConfig } from '../../src/workspace/create-workspace';
import {
buildInProcess,
type InProcessBuildResult,
type ToolCallTrace,
} from '../harness/in-process-builder';
import { N8nClient, type WorkflowResponse } from '../clients/n8n-client';
import { createLogger, type EvalLogger } from '../harness/logger';
import { resolveSandboxConfig } from '../harness/sandbox-config';
import { buildWorkflow, cleanupBuild } from '../harness/runner';
import { extractOutcomeFromEvents } from '../outcome/event-parser';
import type { CapturedEvent, CapturedToolCall } from '../types';
/** Default dataset orchestrator-plan-derived spec rows. Each row's prompt
* is the spec the production planner hands the builder via
* `dispatchPlannedTask`. Pair this with the production briefing wrapper
* (`DETACHED_BUILDER_REQUIREMENTS`) below to keep the eval aligned with
* what the builder sees in production. */
* is the kind of workflow request the production orchestrator now handles. */
const DEFAULT_DATASET = 'instance-ai-builder-from-plans';
// ---------------------------------------------------------------------------
@ -68,6 +58,8 @@ interface PairwiseArgs {
judgeModel: string;
experimentName: string;
verbose: boolean;
baseUrl: string;
keepWorkflows: boolean;
}
function parseArgs(argv: string[]): PairwiseArgs {
@ -109,6 +101,8 @@ function parseArgs(argv: string[]): PairwiseArgs {
judgeModel: get('--judge-model') ?? 'claude-sonnet-4-5-20250929',
experimentName: get('--experiment-name') ?? 'pairwise-evals-instance-ai',
verbose: has('--verbose'),
baseUrl: get('--base-url') ?? process.env.N8N_EVAL_BASE_URL ?? 'http://localhost:5678',
keepWorkflows: has('--keep-workflows'),
};
}
@ -245,49 +239,62 @@ interface ExampleRecord {
errorMessage?: string;
durationMs: number;
extraWorkflowCount: number;
interactivity: InProcessBuildResult['interactivity'];
interactivity: BuildInteractivity;
};
toolCalls: ToolCallTrace[];
feedback: Feedback[];
}
interface BuildInteractivity {
askUserCount: number;
planToolCount: number;
autoApprovedSuspensions: number;
mockedCredentialTypes: string[];
}
interface ToolCallSuspension {
message?: string;
questions?: unknown;
severity?: string;
autoApproved: boolean;
}
interface ToolCallTrace {
step: number;
toolCallId: string;
toolName: string;
args?: unknown;
result?: unknown;
error?: string;
elapsedMs?: number;
suspension?: ToolCallSuspension;
}
async function runExample(
example: DatasetExample,
iteration: number,
judgeLlm: BaseChatModel,
args: PairwiseArgs,
logger: EvalLogger,
sandboxConfig: SandboxConfig,
client: N8nClient,
preRunWorkflowIds: Set<string>,
claimedWorkflowIds: Set<string>,
): Promise<ExampleRecord> {
logger.verbose(`[${example.id} #${iteration}] building workflow...`);
const logPath = path.join(
args.outputDir,
'chunks',
`${safeFilename(`${example.id}_${iteration}`)}.jsonl`,
);
// Wrap the prompt the same way the production orchestrator wraps the spec
// it hands to the builder sub-agent (see `build-workflow-agent.tool.ts`).
// Keeping this aligned with prod is what closes the eval/prod gap —
// `DETACHED_BUILDER_REQUIREMENTS` is what tells the builder it must
// `submit-workflow` then `verify-built-workflow` before stopping.
//
// `workItemId` round-trips: the briefing's `additionalContext` tells the
// agent its work-item ID, the agent passes it to `verify-built-workflow`,
// which reads back the build outcome from the in-memory
// `workflowTaskService` keyed on the same ID.
const workItemId = 'wi_' + nanoid(8);
const builderPrompt = await buildSubAgentBriefing({
task: example.prompt,
additionalContext: `[WORK ITEM ID: ${workItemId}]`,
requirements: DETACHED_BUILDER_REQUIREMENTS,
});
const build = await buildInProcess({
prompt: builderPrompt,
workItemId,
const started = Date.now();
const build = await buildWorkflow({
client,
conversation: [{ role: 'user', text: example.prompt }],
timeoutMs: args.timeoutMs,
logPath,
sandboxConfig,
preRunWorkflowIds,
claimedWorkflowIds,
logger,
skipWorkflowChecks: true,
});
const durationMs = Date.now() - started;
const events = build.events ?? [];
const toolCalls = toToolCallTraces(events);
const workflow = build.workflowJsons[0] ? toSimpleWorkflow(build.workflowJsons[0]) : null;
const record: ExampleRecord = {
exampleId: example.id,
@ -295,29 +302,30 @@ async function runExample(
prompt: example.prompt,
dos: example.dos,
donts: example.donts,
workflow: build.workflow ?? null,
workflow,
build: {
success: build.success,
errorClass: build.errorClass,
errorMessage: build.errorMessage,
durationMs: build.durationMs,
extraWorkflowCount: build.extraWorkflows.length,
interactivity: build.interactivity,
errorClass: build.success ? undefined : 'build_failed',
errorMessage: build.error,
durationMs,
extraWorkflowCount: Math.max(0, build.workflowJsons.length - 1),
interactivity: buildInteractivity(events, toolCalls),
},
toolCalls: build.toolCalls,
toolCalls,
feedback: [],
};
if (!build.workflow) {
if (!record.workflow) {
logger.warn(
`[${example.id} #${iteration}] build failed (${build.errorClass ?? 'unknown'}): ${build.errorMessage ?? 'no details'}`,
`[${example.id} #${iteration}] build failed (${record.build.errorClass ?? 'unknown'}): ${record.build.errorMessage ?? 'no details'}`,
);
if (!args.keepWorkflows) await cleanupBuild(client, build, logger);
return record;
}
try {
const evaluator = createPairwiseEvaluator(judgeLlm, { numJudges: args.judges });
const feedback = await evaluator.evaluate(build.workflow, {
const feedback = await evaluator.evaluate(record.workflow, {
prompt: example.prompt,
dos: example.dos,
donts: example.donts,
@ -331,11 +339,52 @@ async function runExample(
logger.error(
`[${example.id} #${iteration}] judge panel failed: ${error instanceof Error ? error.message : String(error)}`,
);
} finally {
if (!args.keepWorkflows) await cleanupBuild(client, build, logger);
}
return record;
}
function toSimpleWorkflow(workflow: WorkflowResponse): SimpleWorkflow {
return {
name: workflow.name,
nodes: workflow.nodes,
connections: workflow.connections,
};
}
function toToolCallTraces(events: CapturedEvent[]): ToolCallTrace[] {
const toolCalls = extractOutcomeFromEvents(events).toolCalls;
return toolCalls.map((toolCall, index) => toToolCallTrace(toolCall, index));
}
function toToolCallTrace(toolCall: CapturedToolCall, index: number): ToolCallTrace {
return {
step: index + 1,
toolCallId: toolCall.toolCallId,
toolName: toolCall.toolName,
args: toolCall.args,
result: toolCall.result,
error: toolCall.error,
elapsedMs: toolCall.durationMs,
};
}
function buildInteractivity(
events: CapturedEvent[],
toolCalls: ToolCallTrace[],
): BuildInteractivity {
return {
askUserCount: toolCalls.filter((toolCall) => toolCall.toolName === 'ask-user').length,
planToolCount: toolCalls.filter(
(toolCall) => toolCall.toolName === 'plan' || toolCall.toolName === 'create-tasks',
).length,
autoApprovedSuspensions: events.filter((event) => event.type === 'confirmation-request').length,
mockedCredentialTypes: [],
};
}
// ---------------------------------------------------------------------------
// Output writing
// ---------------------------------------------------------------------------
@ -378,7 +427,7 @@ interface Summary {
autoApprovedSuspensions: number;
mockedCredentialTypes: string[];
};
sandbox: { provider: string };
runner: { mode: string };
}
async function writeOutputs(
@ -388,7 +437,7 @@ async function writeOutputs(
startedAt: Date,
finishedAt: Date,
logger: EvalLogger,
sandboxProvider: string,
runnerMode: string,
silent = false,
): Promise<Summary> {
await fs.mkdir(outputDir, { recursive: true });
@ -539,7 +588,7 @@ async function writeOutputs(
autoApprovedSuspensions,
mockedCredentialTypes: Array.from(allMockedCreds),
},
sandbox: { provider: sandboxProvider },
runner: { mode: runnerMode },
};
await fs.writeFile(
path.join(outputDir, 'summary.json'),
@ -588,18 +637,14 @@ async function main(): Promise<void> {
const apiKey = process.env.N8N_AI_ANTHROPIC_KEY ?? process.env.ANTHROPIC_API_KEY;
if (!apiKey) {
throw new Error(
'Set N8N_AI_ANTHROPIC_KEY or ANTHROPIC_API_KEY — both the builder agent and the judge LLM need it.',
);
throw new Error('Set N8N_AI_ANTHROPIC_KEY or ANTHROPIC_API_KEY — the judge LLM needs it.');
}
const sandboxConfig = resolveSandboxConfig(process.env);
if (!sandboxConfig.enabled) {
throw new Error('resolveSandboxConfig returned a disabled config — this should never happen.');
}
logger.info(
`Sandbox: provider=${sandboxConfig.provider} (workflow built via TypeScript file + tsc)`,
);
const client = new N8nClient(args.baseUrl);
await client.login();
const preRunWorkflowIds = new Set(await client.listWorkflowIds());
const claimedWorkflowIds = new Set<string>();
logger.info(`Runner: orchestrator (${args.baseUrl})`);
const judgeLlm = new ChatAnthropic({
model: args.judgeModel,
@ -649,7 +694,7 @@ async function main(): Promise<void> {
startedAt,
new Date(),
logger,
sandboxConfig.provider,
'orchestrator',
true,
);
await regenerateReport(reportRoot, reportFile, logger);
@ -662,7 +707,16 @@ async function main(): Promise<void> {
for (let i = 1; i <= args.iterations; i++) {
work.push(
limit(async () => {
const record = await runExample(example, i, judgeLlm, args, logger, sandboxConfig);
const record = await runExample(
example,
i,
judgeLlm,
args,
logger,
client,
preRunWorkflowIds,
claimedWorkflowIds,
);
records.push(record);
await flushIncremental();
}),
@ -678,15 +732,7 @@ async function main(): Promise<void> {
? a.iteration - b.iteration
: a.exampleId.localeCompare(b.exampleId),
);
await writeOutputs(
args.outputDir,
records,
args,
startedAt,
finishedAt,
logger,
sandboxConfig.provider,
);
await writeOutputs(args.outputDir, records, args, startedAt, finishedAt, logger, 'orchestrator');
await regenerateReport(reportRoot, reportFile, logger);
logger.info(`Report: ${reportFile}`);
logger.info(

16
packages/@n8n/instance-ai/evaluations/clients/n8n-client.ts
View File

@ -10,8 +10,6 @@ import type {
InstanceAiConfirmRequest,
InstanceAiRichMessagesResponse,
InstanceAiEvalExecutionResult,
InstanceAiEvalSubAgentRequest,
InstanceAiEvalSubAgentResponse,
} from '@n8n/api-types';
import { z } from 'zod';
@ -170,20 +168,6 @@ export class N8nClient {
});
}
/**
* Run an isolated sub-agent on the instance and return its result.
* POST /rest/instance-ai/eval/run-sub-agent
*/
async runSubAgentEval(
request: InstanceAiEvalSubAgentRequest,
): Promise<InstanceAiEvalSubAgentResponse> {
const result = (await this.fetch('/rest/instance-ai/eval/run-sub-agent', {
method: 'POST',
body: request,
})) as { data: InstanceAiEvalSubAgentResponse };
return result.data;
}
/**
* Get the current status of a thread (active run, suspended, background tasks).
* GET /rest/instance-ai/threads/:threadId/status

4
packages/@n8n/instance-ai/evaluations/data/discovery/data-table-natural-list-skill-loading.json
View File

@ -15,12 +15,12 @@
"noneOf": [
"plan",
"create-tasks",
"build-workflow",
"delegate",
"build-workflow-with-agent",
"spawn_sub_agent:planner",
"spawn_sub_agent:workflow-builder",
"spawn_sub_agent:delegate"
]
},
"rationale": "Regression coverage for natural standalone data-table requests. A plain request to list existing Data Tables should load the data-table-manager skill and use the direct data-tables list action, without routing through planning or sub-agents."
"rationale": "Regression coverage for natural standalone data-table requests. A plain request to list existing Data Tables should load the data-table-manager skill and use the direct data-tables list action, without routing through planning, workflow-building, or sub-agents."
}

4
packages/@n8n/instance-ai/evaluations/data/discovery/data-table-skill-loading.json
View File

@ -15,12 +15,12 @@
"noneOf": [
"plan",
"create-tasks",
"build-workflow",
"delegate",
"build-workflow-with-agent",
"spawn_sub_agent:planner",
"spawn_sub_agent:workflow-builder",
"spawn_sub_agent:delegate"
]
},
"rationale": "Regression coverage for runtime skill loading. Standalone data-table work must load the data-table-manager skill and call data-tables directly, without routing through planner, task creation, workflow-builder, or delegate sub-agent paths."
"rationale": "Regression coverage for runtime skill loading. Standalone data-table work must load the data-table-manager skill and call data-tables directly, without routing through planning, workflow-building, task creation, or delegate paths."
}

8
packages/@n8n/instance-ai/evaluations/data/discovery/data-table-workflow-skill-loading.json
View File

@ -2,14 +2,18 @@
"id": "data-table-workflow-skill-loading",
"userMessage": "Create me a workflow that implements an n8n form to capture responses into a data table. The form should be a decklist submission form for a MTG tournament, asking for player name and a deck list as text fields they'll fill.",
"expectedToolInvocations": {
"anyOf": ["plan", "spawn_sub_agent:planner"],
"anyOf": ["plan"],
"allOfToolCalls": [
{
"toolName": "load_skill",
"argsContainAny": ["data-table-manager"]
},
{
"toolName": "load_skill",
"argsContainAny": ["workflow-builder"]
}
],
"noneOf": ["delegate", "spawn_sub_agent:delegate"]
},
"rationale": "Regression coverage for workflow-build prompts that depend on Data Tables. The orchestrator should load the data-table-manager skill before planning so table schema and row-handling guidance can influence the planner and builder."
"rationale": "Regression coverage for workflow-build prompts that depend on Data Tables. The orchestrator should plan the work and load both the data-table-manager skill and the workflow-builder skill so table schema and row-handling guidance influence the build path without delegating to a sub-agent."
}

12
packages/@n8n/instance-ai/evaluations/data/discovery/planner-no-credential-ask.json → packages/@n8n/instance-ai/evaluations/data/discovery/workflow-builder-no-credential-ask.json
View File

@ -1,8 +1,14 @@
{
"id": "planner-no-credential-ask",
"id": "workflow-builder-no-credential-ask",
"userMessage": "Build a workflow that lets customers request a meeting time in natural language, parses the preferred time with OpenAI, creates a Google Calendar event, and sends a Gmail confirmation email.",
"expectedToolInvocations": {
"anyOf": ["plan", "spawn_sub_agent:planner"],
"anyOf": ["plan"],
"allOfToolCalls": [
{
"toolName": "load_skill",
"argsContainAny": ["workflow-builder"]
}
],
"noneOfToolCalls": [
{
"toolName": "ask-user",
@ -14,5 +20,5 @@
}
]
},
"rationale": "Regression coverage for INS-204. A fresh workflow plan may use credentials(action=\"list\") for discovery, but planning must not ask the user which credential/account to use when the builder can auto-select or mock unresolved credentials. The planner should also use contextual timezone data rather than asking for it."
"rationale": "Regression coverage for INS-204. A fresh workflow build should route through planning and may use credentials(action=\"list\") for discovery, but it must not ask the user which credential/account to use when the builder can auto-select or mock unresolved credentials. It should also use contextual timezone data rather than asking for it."
}

2
packages/@n8n/instance-ai/evaluations/discovery/runner.ts
View File

@ -40,7 +40,7 @@ import type {
TaskStorage,
} from '../../src/types';
import { asResumable } from '../../src/utils/stream-helpers';
import { createInMemoryEventBus, wrapEventBusWithObserver } from '../harness/in-process-builder';
import { createInMemoryEventBus, wrapEventBusWithObserver } from '../harness/in-memory-event-bus';
import { createStubServices, defaultNodesJsonPath } from '../harness/stub-services';
import { extractOutcomeFromEvents } from '../outcome/event-parser';
import type { CapturedEvent, EventOutcome } from '../types';

61
packages/@n8n/instance-ai/evaluations/harness/in-memory-event-bus.ts Normal file
View File

@ -0,0 +1,61 @@
import type { InstanceAiEvent } from '@n8n/api-types';
import type { InstanceAiEventBus, StoredEvent } from '../../src/event-bus';
export function createInMemoryEventBus(): InstanceAiEventBus {
const storeByThread = new Map<string, StoredEvent[]>();
const subscribersByThread = new Map<string, Array<(event: StoredEvent) => void>>();
return {
publish(threadId, event) {
const list = storeByThread.get(threadId) ?? [];
const stored: StoredEvent = { id: list.length + 1, event };
list.push(stored);
storeByThread.set(threadId, list);
const subscribers = subscribersByThread.get(threadId);
if (subscribers) for (const subscriber of subscribers) subscriber(stored);
},
subscribe(threadId, handler) {
const subscribers = subscribersByThread.get(threadId) ?? [];
subscribers.push(handler);
subscribersByThread.set(threadId, subscribers);
return () => {
const current = subscribersByThread.get(threadId) ?? [];
subscribersByThread.set(
threadId,
current.filter((subscriber) => subscriber !== handler),
);
};
},
getEventsAfter(threadId, afterId) {
return (storeByThread.get(threadId) ?? []).filter((event) => event.id > afterId);
},
getEventsForRun(threadId, runId) {
return (storeByThread.get(threadId) ?? [])
.map((event) => event.event)
.filter((event) => 'runId' in event && event.runId === runId);
},
getEventsForRuns(threadId, runIds) {
const runIdSet = new Set(runIds);
return (storeByThread.get(threadId) ?? [])
.map((event) => event.event)
.filter((event) => 'runId' in event && runIdSet.has(event.runId));
},
getNextEventId(threadId) {
return (storeByThread.get(threadId) ?? []).length + 1;
},
};
}
export function wrapEventBusWithObserver(
bus: InstanceAiEventBus,
observe: (event: InstanceAiEvent) => void,
): InstanceAiEventBus {
return {
...bus,
publish(threadId, event) {
observe(event);
bus.publish(threadId, event);
},
};
}

946
packages/@n8n/instance-ai/evaluations/harness/in-process-builder.ts
View File

@ -1,946 +0,0 @@
// ---------------------------------------------------------------------------
// In-process workflow build for pairwise evals.
//
// Rather than wire up the full orchestrator (which requires a
// BackgroundTaskManager, workflowTaskService, trace context, etc.), we
// invoke the same builder sub-agent that the orchestrator would delegate
// to — a native Agent given the sandbox builder prompt plus
// `submit-workflow` and a few supporting domain tools. For single-workflow
// prompts in the pairwise dataset the orchestrator's only job is to route
// here, so skipping it loses nothing material.
//
// The built workflow is captured through the stub `workflowService`'s
// `createFromWorkflowJSON` hook — `submit-workflow` calls it after parsing
// the TypeScript file the agent wrote inside the sandbox.
//
// HITL: several domain tools (data-tables create, delete workflow, etc.)
// suspend the stream waiting for user approval. We run the stream through
// `executeResumableStream` with `mode: 'auto'` so every confirmation
// request auto-approves — otherwise the stream silently ends at the
// first suspension and the builder never completes.
// ---------------------------------------------------------------------------
/* eslint-disable @typescript-eslint/require-await */
// The `waitForConfirmation` callback must be async to satisfy the
// resumable-stream control contract even though the auto-approve path has
// nothing to await.
import { Agent, type RuntimeSkillSource, type Workspace } from '@n8n/agents';
import type { InstanceAiEvent } from '@n8n/api-types';
import { nanoid } from 'nanoid';
import { createWriteStream, type WriteStream } from 'node:fs';
import { mkdir } from 'node:fs/promises';
import path from 'node:path';
import { normalizeWorkflow } from './normalize-workflow';
import { stringifyError, truncate } from './redact';
import { createStubServices, defaultNodesJsonPath, type StubServiceHandle } from './stub-services';
import {
createInMemoryWorkflowTaskService,
type InMemoryWorkflowTaskService,
} from './stub-workflow-task-service';
import type { SimpleWorkflow } from '../../../ai-workflow-builder.ee/src/types/workflow';
import { attachRuntimeWorkspaceCapabilities } from '../../src/agent/runtime-workspace';
import { MAX_STEPS } from '../../src/constants/max-steps';
import type { InstanceAiEventBus, StoredEvent } from '../../src/event-bus';
import type { Logger } from '../../src/logger';
import {
executeResumableStream,
normalizeStreamSource,
} from '../../src/runtime/resumable-stream-executor';
import { materializeRuntimeSkillsIntoWorkspace } from '../../src/skills/materialize-runtime-skills';
import { loadInstanceAiRuntimeSkillSource } from '../../src/skills/runtime-skills';
import { createToolRegistry, toolRegistryValues } from '../../src/tool-registry';
import { createAllTools } from '../../src/tools';
import { createSandboxBuilderAgentPrompt } from '../../src/tools/orchestration/build-workflow-agent.prompt';
import { createVerifyBuiltWorkflowTool } from '../../src/tools/orchestration/verify-built-workflow.tool';
import {
createSubmitWorkflowTool,
type SubmitWorkflowAttempt,
} from '../../src/tools/workflows/submit-workflow.tool';
import type { InstanceAiToolRegistry, ModelConfig, OrchestrationContext } from '../../src/types';
import { asResumable } from '../../src/utils/stream-helpers';
import { createRemediation } from '../../src/workflow-loop/remediation';
import type { WorkflowBuildOutcome } from '../../src/workflow-loop/workflow-loop-state';
import {
createSandbox,
createWorkspace,
type SandboxConfig,
} from '../../src/workspace/create-workspace';
import { getWorkspaceRoot, setupSandboxWorkspace } from '../../src/workspace/sandbox-setup';
import { createScopedWorkspace } from '../../src/workspace/scoped-workspace';
// ---------------------------------------------------------------------------
// Public API
// ---------------------------------------------------------------------------
export type BuildErrorClass = 'build_timeout' | 'no_workflow_built' | 'agent_error';
export interface ToolCallSuspension {
/** Pre-suspend message — for `ask-user` this is the introMessage or first question. */
message?: string;
/** Structured questions for `ask-user` suspensions, otherwise undefined. */
questions?: unknown;
/** Free-form severity from the suspend payload. */
severity?: string;
/** True when the eval harness auto-approved the suspension. */
autoApproved: boolean;
}
export interface ToolCallTrace {
/** 1-based step ordinal in tool-call order. */
step: number;
toolCallId: string;
toolName: string;
/** Truncated tool input. */
args?: unknown;
/** Truncated successful tool result (mutually exclusive with `error`). */
result?: unknown;
/** Stringified tool error (mutually exclusive with `result`). */
error?: string;
/** Wall-clock duration between tool-call and tool-result/tool-error. */
elapsedMs?: number;
/** Populated when the tool suspended for HITL (e.g. `ask-user`). */
suspension?: ToolCallSuspension;
}
export interface InProcessBuildResult {
success: boolean;
workflow?: SimpleWorkflow;
extraWorkflows: SimpleWorkflow[];
errorClass?: BuildErrorClass;
errorMessage?: string;
durationMs: number;
finalText?: string;
interactivity: {
askUserCount: number;
planToolCount: number;
autoApprovedSuspensions: number;
mockedCredentialTypes: string[];
};
/** Ordered tool-call timeline observed during the run. */
toolCalls: ToolCallTrace[];
}
export interface BuildInProcessOptions {
prompt: string;
modelId?: ModelConfig;
nodesJsonPath?: string;
timeoutMs?: number;
/** Max builder steps — matches production default when omitted. */
maxSteps?: number;
/**
* Path to a chunk log file. When set, every tool-call, tool-result,
* suspension, text-delta, and lifecycle event is appended to this
* file. Parent dirs are created as needed. Used for root-causing
* build failures (`no_workflow_built`, `agent_error`, etc.).
*/
logPath?: string;
/**
* Provisions the per-call sandbox workspace. The agent runs the production
* shared-sandbox builder prompt + `submit-workflow` path: writes TypeScript
* to the workspace, runs `tsc`, and saves the parsed `WorkflowJSON`. The
* sandbox is destroyed on completion.
*/
sandboxConfig: SandboxConfig;
/**
* Optional pre-generated work item ID. Pass this when the caller has
* already embedded `[WORK ITEM ID: ${workItemId}]` into the prompt's
* briefing `verify-built-workflow` reads the same value back from the
* in-memory `workflowTaskService` keyed on this ID. When omitted, a
* fresh ID is generated; in that case `verify-built-workflow` won't be
* called by the agent (the briefing didn't tell it what value to pass).
*/
workItemId?: string;
}
// ---------------------------------------------------------------------------
// Implementation
// ---------------------------------------------------------------------------
export async function buildInProcess(
options: BuildInProcessOptions,
): Promise<InProcessBuildResult> {
const started = Date.now();
const timeoutMs = options.timeoutMs ?? 20 * 60 * 1000;
const modelId: ModelConfig = options.modelId ?? 'anthropic/claude-sonnet-4-6';
// Match production: builds run with the same MAX_STEPS.BUILDER cap as
// `build-workflow-agent.tool.ts` uses inside the orchestrator. Halving
// the budget for evals makes the harness run out of steps on examples
// that production would complete, inflating `no_workflow_built` rates.
const maxSteps = options.maxSteps ?? MAX_STEPS.BUILDER;
const interactivity = {
askUserCount: 0,
planToolCount: 0,
autoApprovedSuspensions: 0,
mockedCredentialTypes: new Set<string>(),
};
const traceCollector = createToolTraceCollector();
const logger = silentLogger();
const chunkLog = options.logPath ? await openChunkLog(options.logPath) : null;
chunkLog?.writeHeader(options.prompt, { modelId, maxSteps, timeoutMs });
let services: StubServiceHandle;
try {
services = await createStubServices({
nodesJsonPath: options.nodesJsonPath ?? defaultNodesJsonPath(),
});
} catch (error) {
chunkLog?.write({ kind: 'error', stage: 'stub-services', message: String(error) });
await chunkLog?.close();
return failResult(
started,
'agent_error',
error,
interactivity,
undefined,
traceCollector.snapshot(),
);
}
const allTools = createAllTools(services.context);
const builderTools: InstanceAiToolRegistry = createToolRegistry();
let workspace: Workspace;
let cleanupSandbox = async () => {};
try {
const sandbox = await createSandbox(options.sandboxConfig);
const createdWorkspace = createWorkspace(sandbox);
if (!sandbox || !createdWorkspace) {
throw new Error('Sandbox config is disabled');
}
workspace = createdWorkspace;
cleanupSandbox = async () => {
await createdWorkspace.destroy();
};
await workspace.init();
} catch (error) {
chunkLog?.write({
kind: 'error',
stage: 'sandbox-create',
message: error instanceof Error ? error.message : String(error),
});
await chunkLog?.close();
return failResult(
started,
'agent_error',
error,
interactivity,
undefined,
traceCollector.snapshot(),
);
}
let root: string;
let runtimeSkills: RuntimeSkillSource | undefined;
try {
root = path.posix.join(
await getWorkspaceRoot(workspace),
'builders',
`eval-builder-${nanoid(6)}`,
);
await setupSandboxWorkspace(workspace, services.context, { root });
const runtimeSkillSource = loadInstanceAiRuntimeSkillSource();
const materializedRuntimeSkills = await materializeRuntimeSkillsIntoWorkspace({
source: runtimeSkillSource,
workspace,
root,
logger,
});
runtimeSkills = materializedRuntimeSkills?.source ?? runtimeSkillSource;
workspace = createScopedWorkspace(workspace, root, materializedRuntimeSkills?.env);
} catch (error) {
chunkLog?.write({
kind: 'error',
stage: 'sandbox-resolve-root',
message: error instanceof Error ? error.message : String(error),
});
try {
await cleanupSandbox();
} catch (cleanupError) {
chunkLog?.write({
kind: 'error',
stage: 'sandbox-cleanup',
message: cleanupError instanceof Error ? cleanupError.message : String(cleanupError),
});
}
await chunkLog?.close();
return failResult(
started,
'agent_error',
error,
interactivity,
undefined,
traceCollector.snapshot(),
);
}
const prompt = createSandboxBuilderAgentPrompt(root);
// Per-build identifiers — match what production (`build-workflow-agent.tool.ts`)
// generates per orchestrator-dispatched task. The builder agent reads
// `workItemId` from the briefing's `additionalContext`, then passes it to
// `verify-built-workflow` to round-trip its build outcome.
const workItemId = options.workItemId ?? 'wi_' + nanoid(8);
const taskId = 'eval-task-' + nanoid(6);
const threadId = 'eval-thread-' + nanoid(6);
const runId = 'eval-run-' + nanoid(6);
const agentId = 'eval-builder-' + nanoid(6);
// In-memory build-outcome / verification store. Lives for the duration
// of this single build; never shared. The workflowTaskService interface
// is what `verify-built-workflow` reads from after `submit-workflow`
// records the attempt below.
const workflowTaskService: InMemoryWorkflowTaskService = createInMemoryWorkflowTaskService();
// Minimal OrchestrationContext shim for `createVerifyBuiltWorkflowTool`.
// Verify-built-workflow only reads `workflowTaskService`, `domainContext`,
// `runId`, and `logger` at runtime — the rest of OrchestrationContext is
// orchestrator scaffolding the builder doesn't touch.
const verifyContext = {
threadId,
runId,
logger,
domainContext: services.context,
workflowTaskService,
} as unknown as OrchestrationContext;
const sandboxToolNames = [
'nodes',
'workflows',
'credentials',
'data-tables',
'templates',
] as const;
for (const name of sandboxToolNames) {
const tool = allTools.get(name);
if (tool) builderTools.set(name, tool);
}
// `submit-workflow` reports each attempt back via the onAttempt callback.
// Production wires this to `workflowTaskService.reportBuildOutcome` so the
// builder loop and `verify-built-workflow` can read it. We mirror that
// here so the same prompt contract works in eval.
builderTools.set(
'submit-workflow',
createSubmitWorkflowTool(
services.context,
workspace,
undefined,
async (attempt: SubmitWorkflowAttempt) => {
await workflowTaskService.reportBuildOutcome(
toWorkflowBuildOutcome(workItemId, runId, taskId, attempt),
);
},
{ root },
),
);
builderTools.set('verify-built-workflow', createVerifyBuiltWorkflowTool(verifyContext));
const agent = new Agent(agentId)
.model(modelId)
.instructions(prompt, {
providerOptions: {
anthropic: { cacheControl: { type: 'ephemeral' as const } },
},
})
.tool(toolRegistryValues(builderTools));
attachRuntimeWorkspaceCapabilities(agent, { workspace, runtimeSkills });
const abortController = new AbortController();
const timeoutHandle = setTimeout(() => abortController.abort(), timeoutMs);
const eventBus = wrapEventBusWithObserver(createInMemoryEventBus(), (event) => {
observeEvent(event, interactivity);
traceCollector.observe(event);
chunkLog?.writeEvent(event);
});
let finalText: string | undefined;
try {
const streamResult = await agent.stream(options.prompt, {
maxIterations: maxSteps,
abortSignal: abortController.signal,
providerOptions: {
anthropic: { cacheControl: { type: 'ephemeral' as const } },
},
});
const streamSource = normalizeStreamSource(streamResult);
const result = await executeResumableStream({
agent: asResumable(agent),
stream: streamSource,
context: {
threadId,
runId,
agentId: 'eval-builder',
eventBus,
signal: abortController.signal,
logger,
},
control: {
mode: 'auto',
waitForConfirmation: async (requestId: string): Promise<Record<string, unknown>> => {
interactivity.autoApprovedSuspensions++;
traceCollector.markAutoApproved(requestId);
chunkLog?.write({ kind: 'auto-approve', requestId });
return { approved: true };
},
onSuspension: (suspension) => {
chunkLog?.write({ kind: 'suspension', ...suspension });
if (suspension.toolName === 'ask-user') {
interactivity.askUserCount++;
}
},
// Match production (`consumeStreamWithHitl`): when a suspension
// auto-resumes, pass `maxIterations` and the same providerOptions to
// `resume`.
buildResumeOptions: ({ agentRunId, suspension }) => ({
runId: agentRunId,
toolCallId: suspension.toolCallId,
maxIterations: maxSteps,
providerOptions: {
anthropic: { cacheControl: { type: 'ephemeral' as const } },
},
}),
},
});
const resultText = result.text ?? streamSource.text;
if (resultText) {
finalText = await resultText;
}
// Pull stream-level totals when the underlying stream source exposes
// them. `finishReason === 'length'` / 'tool-calls' pinpoints
// maxSteps exhaustion, and `totalUsage` is our only cost signal.
const usage = await Promise.resolve(streamSource.totalUsage ?? streamSource.usage).catch(
() => undefined,
);
const finishReason = await Promise.resolve(streamSource.finishReason).catch(() => undefined);
chunkLog?.write({
kind: 'stream-finish',
status: result.status,
finishReason,
usage,
});
if (finalText) chunkLog?.write({ kind: 'final-text', text: finalText });
if (abortController.signal.aborted || result.status === 'cancelled') {
await chunkLog?.close();
return failResult(
started,
'build_timeout',
new Error(`Build exceeded ${timeoutMs}ms`),
interactivity,
finalText,
traceCollector.snapshot(),
);
}
if (result.status === 'errored') {
await chunkLog?.close();
return failResult(
started,
'agent_error',
new Error('Stream errored'),
interactivity,
finalText,
traceCollector.snapshot(),
);
}
} catch (error) {
chunkLog?.write({
kind: 'error',
stage: 'stream',
message: error instanceof Error ? error.message : String(error),
});
if (abortController.signal.aborted) {
await chunkLog?.close();
return failResult(
started,
'build_timeout',
new Error(`Build exceeded ${timeoutMs}ms`),
interactivity,
finalText,
traceCollector.snapshot(),
);
}
await chunkLog?.close();
return failResult(
started,
'agent_error',
error,
interactivity,
finalText,
traceCollector.snapshot(),
);
} finally {
clearTimeout(timeoutHandle);
try {
await cleanupSandbox();
} catch (cleanupError) {
chunkLog?.write({
kind: 'error',
stage: 'sandbox-cleanup',
message: cleanupError instanceof Error ? cleanupError.message : String(cleanupError),
});
}
}
const captured = services.capturedWorkflows;
chunkLog?.write({ kind: 'captured-workflows', count: captured.length });
if (captured.length === 0) {
await chunkLog?.close();
return failResult(
started,
'no_workflow_built',
new Error('Builder finished without invoking submit-workflow'),
interactivity,
finalText,
traceCollector.snapshot(),
);
}
const [first, ...extras] = captured.map(normalizeWorkflow);
await chunkLog?.close();
return {
success: true,
workflow: first,
extraWorkflows: extras,
durationMs: Date.now() - started,
finalText,
interactivity: {
askUserCount: interactivity.askUserCount,
planToolCount: interactivity.planToolCount,
autoApprovedSuspensions: interactivity.autoApprovedSuspensions,
mockedCredentialTypes: Array.from(interactivity.mockedCredentialTypes),
},
toolCalls: traceCollector.snapshot(),
};
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
interface InteractivityState {
askUserCount: number;
planToolCount: number;
autoApprovedSuspensions: number;
mockedCredentialTypes: Set<string>;
}
function observeEvent(event: InstanceAiEvent, interactivity: InteractivityState): void {
if (event.type === 'tool-call') {
const payload: unknown = event.payload;
if (!isRecord(payload)) return;
const toolName = typeof payload.toolName === 'string' ? payload.toolName : undefined;
if (toolName === 'plan') interactivity.planToolCount++;
} else if (event.type === 'tool-result') {
const payload: unknown = event.payload;
if (!isRecord(payload)) return;
const result = isRecord(payload.result) ? payload.result : undefined;
const mocked = result?.mockedCredentialTypes;
if (Array.isArray(mocked)) {
for (const type of mocked) {
if (typeof type === 'string') interactivity.mockedCredentialTypes.add(type);
}
}
}
}
function failResult(
startedAt: number,
errorClass: BuildErrorClass,
error: unknown,
interactivity: InteractivityState,
finalText: string | undefined,
toolCalls: ToolCallTrace[],
): InProcessBuildResult {
return {
success: false,
extraWorkflows: [],
errorClass,
errorMessage: error instanceof Error ? error.message : String(error),
durationMs: Date.now() - startedAt,
finalText,
interactivity: {
askUserCount: interactivity.askUserCount,
planToolCount: interactivity.planToolCount,
autoApprovedSuspensions: interactivity.autoApprovedSuspensions,
mockedCredentialTypes: Array.from(interactivity.mockedCredentialTypes),
},
toolCalls,
};
}
// ---------------------------------------------------------------------------
// Tool-call trace collector — observes events from the same bus as the chunk
// log, but produces a structured timeline that lives on the build result so
// the eval report can render per-example tool sequences.
// ---------------------------------------------------------------------------
interface ToolTraceCollector {
observe: (event: InstanceAiEvent) => void;
markAutoApproved: (requestId: string) => void;
snapshot: () => ToolCallTrace[];
}
const TOOL_TRACE_TRUNC = 4000;
function createToolTraceCollector(): ToolTraceCollector {
const traces: ToolCallTrace[] = [];
const byToolCallId = new Map<string, ToolCallTrace>();
const startTimes = new Map<string, number>();
const requestIdToToolCallId = new Map<string, string>();
let stepCounter = 0;
return {
observe(event) {
if (event.type === 'tool-call') {
stepCounter += 1;
const trace: ToolCallTrace = {
step: stepCounter,
toolCallId: event.payload.toolCallId,
toolName: event.payload.toolName,
args: truncate(event.payload.args, TOOL_TRACE_TRUNC),
};
traces.push(trace);
byToolCallId.set(trace.toolCallId, trace);
startTimes.set(trace.toolCallId, Date.now());
} else if (event.type === 'tool-result') {
const trace = byToolCallId.get(event.payload.toolCallId);
if (!trace) return;
const start = startTimes.get(trace.toolCallId);
if (start !== undefined) trace.elapsedMs = Date.now() - start;
trace.result = truncate(event.payload.result, TOOL_TRACE_TRUNC);
startTimes.delete(trace.toolCallId);
} else if (event.type === 'tool-error') {
const trace = byToolCallId.get(event.payload.toolCallId);
if (!trace) return;
const start = startTimes.get(trace.toolCallId);
if (start !== undefined) trace.elapsedMs = Date.now() - start;
trace.error = stringifyError(event.payload.error, TOOL_TRACE_TRUNC);
startTimes.delete(trace.toolCallId);
} else if (event.type === 'confirmation-request') {
const trace = byToolCallId.get(event.payload.toolCallId);
if (!trace) return;
requestIdToToolCallId.set(event.payload.requestId, event.payload.toolCallId);
trace.suspension = {
message: event.payload.message,
questions: event.payload.questions,
severity: event.payload.severity,
autoApproved: false,
};
}
},
markAutoApproved(requestId) {
const toolCallId = requestIdToToolCallId.get(requestId);
if (!toolCallId) return;
const trace = byToolCallId.get(toolCallId);
if (trace?.suspension) trace.suspension.autoApproved = true;
},
snapshot() {
return traces.map((t) => ({ ...t }));
},
};
}
function isRecord(value: unknown): value is Record<string, unknown> {
return value !== null && typeof value === 'object' && !Array.isArray(value);
}
function silentLogger(): Logger {
return { debug: () => {}, info: () => {}, warn: () => {}, error: () => {} };
}
// ---------------------------------------------------------------------------
// In-memory event bus — the stream executor publishes mapped events here.
// ---------------------------------------------------------------------------
export function createInMemoryEventBus(): InstanceAiEventBus {
const storeByThread = new Map<string, StoredEvent[]>();
const subscribersByThread = new Map<string, Array<(event: StoredEvent) => void>>();
return {
publish(threadId, event) {
const list = storeByThread.get(threadId) ?? [];
const stored: StoredEvent = { id: list.length + 1, event };
list.push(stored);
storeByThread.set(threadId, list);
const subs = subscribersByThread.get(threadId);
if (subs) for (const sub of subs) sub(stored);
},
subscribe(threadId, handler) {
const subs = subscribersByThread.get(threadId) ?? [];
subs.push(handler);
subscribersByThread.set(threadId, subs);
return () => {
const current = subscribersByThread.get(threadId) ?? [];
subscribersByThread.set(
threadId,
current.filter((h) => h !== handler),
);
};
},
getEventsAfter(threadId, afterId) {
return (storeByThread.get(threadId) ?? []).filter((e) => e.id > afterId);
},
getEventsForRun(threadId, runId) {
return (storeByThread.get(threadId) ?? [])
.map((e) => e.event)
.filter((e) => 'runId' in e && e.runId === runId);
},
getEventsForRuns(threadId, runIds) {
const set = new Set(runIds);
return (storeByThread.get(threadId) ?? [])
.map((e) => e.event)
.filter((e) => 'runId' in e && set.has(e.runId));
},
getNextEventId(threadId) {
return (storeByThread.get(threadId) ?? []).length + 1;
},
};
}
export function wrapEventBusWithObserver(
bus: InstanceAiEventBus,
observe: (event: InstanceAiEvent) => void,
): InstanceAiEventBus {
return {
...bus,
publish(threadId, event) {
observe(event);
bus.publish(threadId, event);
},
};
}
// ---------------------------------------------------------------------------
// Chunk log — writes one JSONL record per observed event to a file so
// failures can be diagnosed after the fact.
// ---------------------------------------------------------------------------
interface ChunkLog {
writeHeader(
prompt: string,
config: { modelId: ModelConfig; maxSteps: number; timeoutMs: number },
): void;
writeEvent(event: InstanceAiEvent): void;
write(record: Record<string, unknown>): void;
close(): Promise<void>;
}
async function openChunkLog(filePath: string): Promise<ChunkLog> {
await mkdir(path.dirname(filePath), { recursive: true });
const stream: WriteStream = createWriteStream(filePath, { flags: 'w' });
// Without a listener, an EIO/disk-full error event would crash the
// process. Failed log I/O must never abort an in-flight eval.
stream.on('error', () => {});
let closed = false;
const emit = (obj: Record<string, unknown>): void => {
if (closed) return;
stream.write(JSON.stringify({ t: new Date().toISOString(), ...obj }) + '\n');
};
// Pair tool-call ↔ tool-result so we can surface per-call latency.
const toolCallStarts = new Map<string, { started: number; toolName: string }>();
// Accumulate text/reasoning deltas so we log one compact "text" record
// per run rather than hundreds of noise records. Flush on step boundaries,
// tool calls, and stream end.
let textBuf = '';
let reasoningBuf = '';
const flushText = (): void => {
if (textBuf.length > 0) {
emit({ kind: 'text', length: textBuf.length, text: textBuf });
textBuf = '';
}
if (reasoningBuf.length > 0) {
emit({ kind: 'reasoning', length: reasoningBuf.length, text: reasoningBuf });
reasoningBuf = '';
}
};
let toolCallIdx = 0;
return {
writeHeader(prompt, config) {
emit({
kind: 'start',
modelId: typeof config.modelId === 'string' ? config.modelId : '<non-string>',
maxSteps: config.maxSteps,
timeoutMs: config.timeoutMs,
prompt,
});
},
writeEvent(event) {
// --- Tool lifecycle (with timing) -------------------------------
if (event.type === 'tool-call' && isRecord(event.payload)) {
flushText();
toolCallIdx += 1;
const toolCallId =
typeof event.payload.toolCallId === 'string' ? event.payload.toolCallId : '';
const toolName =
typeof event.payload.toolName === 'string' ? event.payload.toolName : '<unknown>';
if (toolCallId) toolCallStarts.set(toolCallId, { started: Date.now(), toolName });
emit({
kind: 'tool-call',
step: toolCallIdx,
runId: event.runId,
agentId: event.agentId,
toolName,
toolCallId,
args: truncate(event.payload.args, 2000),
});
} else if (event.type === 'tool-result' && isRecord(event.payload)) {
const toolCallId =
typeof event.payload.toolCallId === 'string' ? event.payload.toolCallId : '';
const start = toolCallId ? toolCallStarts.get(toolCallId) : undefined;
const elapsedMs = start ? Date.now() - start.started : undefined;
if (toolCallId) toolCallStarts.delete(toolCallId);
emit({
kind: 'tool-result',
runId: event.runId,
toolCallId,
toolName: start?.toolName,
elapsedMs,
result: truncate(event.payload.result, 2000),
});
} else if (event.type === 'tool-error' && isRecord(event.payload)) {
const toolCallId =
typeof event.payload.toolCallId === 'string' ? event.payload.toolCallId : '';
const start = toolCallId ? toolCallStarts.get(toolCallId) : undefined;
const elapsedMs = start ? Date.now() - start.started : undefined;
if (toolCallId) toolCallStarts.delete(toolCallId);
emit({
kind: 'tool-error',
runId: event.runId,
toolCallId,
toolName: start?.toolName,
elapsedMs,
error: truncate(event.payload.error, 2000),
});
}
// --- Model output (buffered) ------------------------------------
else if (event.type === 'text-delta' && isRecord(event.payload)) {
if (typeof event.payload.text === 'string') textBuf += event.payload.text;
} else if (event.type === 'reasoning-delta' && isRecord(event.payload)) {
if (typeof event.payload.text === 'string') reasoningBuf += event.payload.text;
}
// --- HITL / confirmations ---------------------------------------
else if (event.type === 'confirmation-request') {
flushText();
emit({ kind: 'confirmation-request', payload: event.payload });
}
// --- Agent / run lifecycle --------------------------------------
else if (event.type === 'agent-spawned' || event.type === 'run-start') {
emit({ kind: event.type, payload: event.payload });
} else if (event.type === 'agent-completed' || event.type === 'run-finish') {
flushText();
emit({ kind: event.type, payload: event.payload });
}
// --- Errors / status --------------------------------------------
else if (event.type === 'error' && isRecord(event.payload)) {
flushText();
emit({
kind: 'stream-error',
content: event.payload.content,
statusCode: event.payload.statusCode,
provider: event.payload.provider,
technicalDetails: truncate(event.payload.technicalDetails, 2000),
});
} else if (event.type === 'status' && isRecord(event.payload)) {
emit({ kind: 'status', message: event.payload.message });
} else if (event.type === 'tasks-update') {
emit({ kind: 'tasks-update', payload: event.payload });
} else {
// Compact catch-all for less-common events — keeps file readable.
emit({ kind: event.type });
}
},
write(record) {
// Ensure any pending text is flushed before synthetic records so
// the order in the file reflects when things actually happened.
flushText();
emit(record);
},
async close() {
if (closed) return;
flushText();
// Any tool calls still unpaired at close are logged so a silent
// mid-stream drop doesn't leave `toolCallStarts` ghosts invisible.
for (const [id, info] of toolCallStarts.entries()) {
emit({
kind: 'tool-call-unresolved',
toolCallId: id,
toolName: info.toolName,
elapsedMs: Date.now() - info.started,
});
}
emit({ kind: 'log-end', totalToolCalls: toolCallIdx });
closed = true;
await new Promise<void>((resolve) => stream.end(() => resolve()));
},
};
}
/**
* Convert a `submit-workflow` attempt into a `WorkflowBuildOutcome`.
*
* Production's `build-workflow-agent.tool.ts` does the same thing inside the
* orchestrator. We mirror it here (minus orchestrator-only fields like
* triggerType detection) so `verify-built-workflow` finds a sensible outcome
* stored against the workItemId.
*/
function toWorkflowBuildOutcome(
workItemId: string,
runId: string,
taskId: string,
attempt: SubmitWorkflowAttempt,
): WorkflowBuildOutcome {
if (!attempt.success) {
return {
workItemId,
runId,
taskId,
submitted: false,
triggerType: 'manual_or_testable',
needsUserInput: false,
failureSignature: attempt.errors?.join('; '),
remediation: attempt.remediation,
summary: attempt.errors?.join(' ') ?? 'Workflow submission failed.',
};
}
const placeholderRemediation = attempt.hasUnresolvedPlaceholders
? createRemediation({
category: 'needs_setup',
shouldEdit: false,
reason: 'mocked_credentials_or_placeholders',
guidance:
'Workflow submitted successfully, but unresolved setup values remain. Stop code edits.',
})
: undefined;
return {
workItemId,
runId,
taskId,
workflowId: attempt.workflowId,
submitted: true,
// Eval doesn't run trigger-aware verification, so the value here is
// cosmetic — the verify tool branches on `executionService.run` result,
// not this field.
triggerType: 'manual_or_testable',
needsUserInput: Boolean(placeholderRemediation),
blockingReason: placeholderRemediation?.guidance,
mockedNodeNames: attempt.mockedNodeNames,
mockedCredentialTypes: attempt.mockedCredentialTypes,
mockedCredentialsByNode: attempt.mockedCredentialsByNode,
triggerNodes: attempt.triggerNodes,
verificationPinData: attempt.verificationPinData,
hasUnresolvedPlaceholders: attempt.hasUnresolvedPlaceholders,
remediation: placeholderRemediation ?? attempt.remediation,
summary: 'Workflow submitted and ready for verification.',
};
}

21
packages/@n8n/instance-ai/evaluations/harness/runner.ts
View File

@ -252,6 +252,8 @@ export interface BuildResult {
createdDataTableIds: string[];
/** Per-turn deterministic counters extracted from the captured event stream. */
conversationMetrics?: ConversationMetrics;
/** Captured SSE events from the build run. */
events?: CapturedEvent[];
/** The thread id used during the build — keys the LangSmith trace lookup. */
threadId?: string;
/** Counts of UserProxyLlm decisions by category (multi-turn builds only). */
@ -278,6 +280,8 @@ export interface BuildWorkflowConfig {
logger: EvalLogger;
/** Optional " [lane N/M]" suffix appended to the build log line. */
laneTag?: string;
/** Let callers that own their own scoring avoid duplicate binary checks. */
skipWorkflowChecks?: boolean;
}
/** A conversation is multi-turn if it has more than one turn, or if the only
@ -423,6 +427,7 @@ export async function buildWorkflow(config: BuildWorkflowConfig): Promise<BuildR
createdWorkflowIds: [],
createdDataTableIds: outcome.dataTablesCreated,
conversationMetrics,
events,
threadId,
proxyDecisionStats,
transcript,
@ -435,12 +440,14 @@ export async function buildWorkflow(config: BuildWorkflowConfig): Promise<BuildR
` Workflow built: ${outcome.workflowsCreated[0].name} (${String(outcome.workflowsCreated[0].nodeCount)} nodes) [${String(Math.round(buildMs / 1000))}s]${isMultiTurn ? ` (${String(conversationMetrics.turnCount)} turn${conversationMetrics.turnCount === 1 ? '' : 's'})` : ''}${proxySuffix}`,
);
const workflowChecks = await runWorkflowChecks({
workflow: outcome.workflowJsons[0],
prompt: userTurnsAsText(transcript),
agentText: outcome.finalText,
logger,
});
const workflowChecks = config.skipWorkflowChecks
? undefined
: await runWorkflowChecks({
workflow: outcome.workflowJsons[0],
prompt: userTurnsAsText(transcript),
agentText: outcome.finalText,
logger,
});
return {
success: true,
@ -449,6 +456,7 @@ export async function buildWorkflow(config: BuildWorkflowConfig): Promise<BuildR
createdWorkflowIds: outcome.workflowsCreated.map((wf) => wf.id),
createdDataTableIds: outcome.dataTablesCreated,
conversationMetrics,
events,
threadId,
proxyDecisionStats,
transcript,
@ -465,6 +473,7 @@ export async function buildWorkflow(config: BuildWorkflowConfig): Promise<BuildR
createdWorkflowIds: [],
createdDataTableIds: [],
conversationMetrics,
events,
threadId,
};
}

14
packages/@n8n/instance-ai/evaluations/harness/stub-services.ts
View File

@ -58,7 +58,7 @@ export interface CreateStubServicesOptions {
/**
* Absolute path to the nodes.json file produced by
* `ai-workflow-builder.ee/pnpm export:nodes`. Required the agent's
* builder sub-agent needs a non-empty node catalogue.
* workflow-builder skill path needs a non-empty node catalogue.
*/
nodesJsonPath: string;
/** Optional user id. */
@ -189,14 +189,10 @@ export async function createStubServices(
async list() {
return [];
},
// `verify-built-workflow` invokes `executionService.run()` after
// `submit-workflow` has captured the TS-compiled workflow JSON. The eval
// has no execution backend, but we want the builder agent's submit →
// verify → done sequence to complete cleanly so the production briefing
// (`DETACHED_BUILDER_REQUIREMENTS`) reads coherently. Returning a
// synthetic success here lets the agent terminate after submit. The
// eval's `buildSuccess` metric is derived from `submit-workflow` capture
// — never from this synthetic verdict — so this can't inflate the score.
// `verify-built-workflow` invokes `executionService.run()` after the
// eval has captured a built workflow JSON. The eval has no execution
// backend, so return a synthetic success to keep discovery runs focused
// on tool dispatch rather than workflow execution fidelity.
async run(workflowId) {
return {
executionId: 'eval-exec-' + nanoid(),

85
packages/@n8n/instance-ai/evaluations/harness/stub-workflow-task-service.ts
View File

@ -1,85 +0,0 @@
// ---------------------------------------------------------------------------
// In-memory `WorkflowTaskService` stub for the in-process eval harness.
//
// Production wires `workflowTaskService` through `instance-ai.service.ts` so
// the orchestrator can persist build outcomes per `workItemId` and the
// builder sub-agent can read them back via `verify-built-workflow`. The eval
// has no persistence layer, so we mirror the production interface against an
// in-memory map. This is enough for the production builder briefing
// (`DETACHED_BUILDER_REQUIREMENTS`) to read coherently:
//
// submit-workflow → reportBuildOutcome (writes to map)
// verify-built-workflow → getBuildOutcome (reads from map) + executes
// verify result → updateBuildOutcome (writes verification record)
//
// Each `buildInProcess` call gets its own service instance — no cross-build
// state leaks.
// ---------------------------------------------------------------------------
/* eslint-disable @typescript-eslint/require-await */
// All `WorkflowTaskService` methods are interface-async even when the
// implementation is synchronous in-memory bookkeeping.
import type { WorkflowTaskService } from '../../src/types';
import type {
VerificationResult,
WorkflowBuildOutcome,
WorkflowLoopAction,
WorkflowLoopState,
} from '../../src/workflow-loop/workflow-loop-state';
export interface InMemoryWorkflowTaskService extends WorkflowTaskService {
/** Read-only access to the latest stored outcome used by callers that
* want to inspect what the agent ended up with after the run. */
peekOutcome(workItemId: string): WorkflowBuildOutcome | undefined;
/** Read-only access to the latest stored verification verdict. */
peekVerdict(workItemId: string): VerificationResult | undefined;
}
/**
* Build a fresh in-memory WorkflowTaskService.
*
* `reportBuildOutcome` and `reportVerificationVerdict` always return
* `{ type: 'ignored', reason: 'eval-mode' }` because the eval has no
* workflow-loop controller there's no rebuild/verify state machine to
* advance. The builder agent only needs the read-back paths to work.
*/
export function createInMemoryWorkflowTaskService(): InMemoryWorkflowTaskService {
const outcomes = new Map<string, WorkflowBuildOutcome>();
const verdicts = new Map<string, VerificationResult>();
return {
async reportBuildOutcome(outcome) {
outcomes.set(outcome.workItemId, outcome);
return { type: 'ignored', reason: 'eval-mode' } satisfies WorkflowLoopAction;
},
async reportVerificationVerdict(verdict) {
verdicts.set(verdict.workItemId, verdict);
return { type: 'ignored', reason: 'eval-mode' } satisfies WorkflowLoopAction;
},
async getBuildOutcome(workItemId) {
return outcomes.get(workItemId);
},
async getWorkflowLoopState(_workItemId): Promise<WorkflowLoopState | undefined> {
// Eval has no loop controller — verify-built-workflow tolerates undefined.
return undefined;
},
async updateBuildOutcome(workItemId, update) {
const existing = outcomes.get(workItemId);
if (!existing) return;
outcomes.set(workItemId, { ...existing, ...update });
},
peekOutcome(workItemId) {
return outcomes.get(workItemId);
},
peekVerdict(workItemId) {
return verdicts.get(workItemId);
},
};
}

7
packages/@n8n/instance-ai/evaluations/outcome/event-parser.ts
View File

@ -17,12 +17,7 @@ import { getNestedRecord as getRecord, getString, isRecord } from '../utils/safe
// Tool names whose results contain resource IDs we need to track
// ---------------------------------------------------------------------------
const WORKFLOW_TOOLS = new Set([
'build-workflow',
'submit-workflow',
'patch-workflow',
'build-workflow-with-agent',
]);
const WORKFLOW_TOOLS = new Set(['build-workflow', 'submit-workflow', 'patch-workflow']);
const EXECUTION_TOOL = 'run-workflow';
const DATA_TABLE_TOOL = 'create-data-table';

7
packages/@n8n/instance-ai/evaluations/outcome/workflow-discovery.ts
View File

@ -11,12 +11,7 @@ import type { AgentOutcome, EventOutcome, ExecutionSummary, WorkflowSummary } fr
// Tool names whose results contain workflow IDs
// ---------------------------------------------------------------------------
const WORKFLOW_TOOLS = new Set([
'build-workflow',
'submit-workflow',
'patch-workflow',
'build-workflow-with-agent',
]);
const WORKFLOW_TOOLS = new Set(['build-workflow', 'submit-workflow', 'patch-workflow']);
// ---------------------------------------------------------------------------
// snapshotWorkflowIds -- call before the run to know what existed prior

85
packages/@n8n/instance-ai/evaluations/subagent/cli.ts
View File

@ -1,11 +1,11 @@
#!/usr/bin/env node
// ---------------------------------------------------------------------------
// CLI for isolated sub-agent evaluation
// CLI for the workflow-build eval corpus
//
// Usage:
// pnpm eval:subagent --verbose
// pnpm eval:subagent --filter webhook --verbose
// pnpm eval:subagent --prompt "Build a webhook workflow" --subagent builder
// pnpm eval:subagent --prompt "Build a webhook workflow"
// pnpm eval:subagent --dataset my-dataset --experiment my-exp --verbose
// ---------------------------------------------------------------------------
@ -15,8 +15,12 @@ import { readFileSync, readdirSync } from 'node:fs';
import { join, basename } from 'node:path';
import { createFeedbackExtractor, mapExampleToTestCase } from './langsmith';
import { runSubAgent, type RunSubAgentDeps } from './runner';
import type { SubAgentTestCase, SubAgentRunnerConfig, SubAgentResult } from './types';
import { runWorkflowBuildEval, type RunWorkflowBuildEvalDeps } from './runner';
import type {
WorkflowBuildEvalCase,
WorkflowBuildEvalConfig,
WorkflowBuildEvalResult,
} from './types';
import { N8nClient } from '../clients/n8n-client';
// ---------------------------------------------------------------------------
@ -27,9 +31,7 @@ interface CliArgs {
filter?: string;
verbose: boolean;
timeoutMs: number;
maxSteps: number;
modelId?: string;
subagent: string;
prompt?: string;
dataset?: string;
experiment?: string;
@ -50,11 +52,9 @@ function requirePositiveInt(raw: string | undefined, flag: string): number {
function parseArgs(argv: string[]): CliArgs {
const args: CliArgs = {
verbose: false,
timeoutMs: 120_000,
maxSteps: 40,
timeoutMs: 900_000,
modelId: process.env.N8N_INSTANCE_AI_EVAL_MODEL,
subagent: 'builder',
concurrency: 5,
concurrency: 1,
baseUrl: process.env.N8N_EVAL_BASE_URL ?? 'http://localhost:5678',
keepWorkflows: false,
};
@ -72,15 +72,9 @@ function parseArgs(argv: string[]): CliArgs {
case '--timeout':
args.timeoutMs = requirePositiveInt(argv[++i], '--timeout');
break;
case '--max-steps':
args.maxSteps = requirePositiveInt(argv[++i], '--max-steps');
break;
case '--model':
args.modelId = argv[++i];
break;
case '--subagent':
args.subagent = argv[++i];
break;
case '--prompt':
args.prompt = argv[++i];
break;
@ -113,7 +107,7 @@ function parseArgs(argv: string[]): CliArgs {
const DATA_DIR = join(__dirname, '..', 'data', 'subagent');
function loadLocalTestCases(filter?: string, subagent?: string): SubAgentTestCase[] {
function loadLocalTestCases(filter?: string): WorkflowBuildEvalCase[] {
let files: string[];
try {
files = readdirSync(DATA_DIR).filter((f) => f.endsWith('.json'));
@ -126,16 +120,13 @@ function loadLocalTestCases(filter?: string, subagent?: string): SubAgentTestCas
files = files.filter((f) => f.includes(filter));
}
const cases: SubAgentTestCase[] = [];
const cases: WorkflowBuildEvalCase[] = [];
for (const file of files) {
const raw = readFileSync(join(DATA_DIR, file), 'utf-8');
let parsed: {
id?: string;
prompt: string;
subagent?: string;
systemPrompt?: string;
tools?: string[];
maxSteps?: number;
modelId?: string;
annotations?: Record<string, unknown>;
};
try {
@ -144,15 +135,11 @@ function loadLocalTestCases(filter?: string, subagent?: string): SubAgentTestCas
console.error(`Failed to parse ${file}`);
continue;
}
const tc: SubAgentTestCase = {
const tc: WorkflowBuildEvalCase = {
id: parsed.id ?? basename(file, '.json'),
prompt: parsed.prompt,
};
const resolvedSubagent = parsed.subagent ?? subagent;
if (resolvedSubagent) tc.subagent = resolvedSubagent;
if (parsed.systemPrompt) tc.systemPrompt = parsed.systemPrompt;
if (parsed.tools) tc.tools = parsed.tools;
if (parsed.maxSteps) tc.maxSteps = parsed.maxSteps;
if (parsed.modelId) tc.modelId = parsed.modelId;
if (parsed.annotations) tc.annotations = parsed.annotations;
cases.push(tc);
}
@ -167,7 +154,7 @@ function truncate(text: string, maxLen: number): string {
return text.length > maxLen ? text.slice(0, maxLen) + '...' : text;
}
function printResult(result: SubAgentResult, verbose: boolean): void {
function printResult(result: WorkflowBuildEvalResult, verbose: boolean): void {
const { testCase, capturedWorkflows, feedback, durationMs, error } = result;
const secs = (durationMs / 1000).toFixed(1);
@ -207,7 +194,7 @@ function printResult(result: SubAgentResult, verbose: boolean): void {
}
}
function printSummary(results: SubAgentResult[]): void {
function printSummary(results: WorkflowBuildEvalResult[]): void {
const passed = results.filter((r) => !r.error && r.capturedWorkflows.length > 0).length;
const failed = results.length - passed;
const avgDuration = results.reduce((sum, r) => sum + r.durationMs, 0) / results.length;
@ -225,8 +212,8 @@ function printSummary(results: SubAgentResult[]): void {
async function runLangsmithMode(
args: CliArgs,
config: SubAgentRunnerConfig,
deps: RunSubAgentDeps,
config: WorkflowBuildEvalConfig,
deps: RunWorkflowBuildEvalDeps,
): Promise<void> {
const apiKey = process.env.LANGSMITH_API_KEY;
if (!apiKey) {
@ -238,12 +225,10 @@ async function runLangsmithMode(
const target = async (inputs: Record<string, unknown>) => {
const testCase = mapExampleToTestCase(inputs);
testCase.subagent ??= args.subagent;
const result = await runSubAgent(testCase, config, deps);
const result = await runWorkflowBuildEval(testCase, config, deps);
return {
prompt: testCase.prompt,
subagent: testCase.subagent ?? 'builder',
text: result.text,
workflow: result.capturedWorkflows[0]?.json ?? null,
feedback: result.feedback,
@ -255,7 +240,7 @@ async function runLangsmithMode(
console.log('Running LangSmith evaluation:');
console.log(` Dataset: ${args.dataset!}`);
console.log(` Experiment: ${args.experiment ?? '(auto-generated)'}`);
console.log(` Sub-agent: ${args.subagent}`);
console.log(' Runner: orchestrator');
console.log(` Concurrency: ${String(args.concurrency)}`);
console.log('');
@ -266,9 +251,8 @@ async function runLangsmithMode(
maxConcurrency: args.concurrency,
client: lsClient,
metadata: {
subagent: args.subagent,
runner: 'orchestrator',
modelId: config.modelId,
maxSteps: config.maxSteps,
timeoutMs: config.timeoutMs,
},
});
@ -289,21 +273,20 @@ async function runLangsmithMode(
async function runLocalMode(
args: CliArgs,
config: SubAgentRunnerConfig,
deps: RunSubAgentDeps,
config: WorkflowBuildEvalConfig,
deps: RunWorkflowBuildEvalDeps,
): Promise<void> {
let testCases: SubAgentTestCase[];
let testCases: WorkflowBuildEvalCase[];
if (args.prompt) {
testCases = [
{
id: 'cli-prompt',
prompt: args.prompt,
subagent: args.subagent,
},
];
} else {
testCases = loadLocalTestCases(args.filter, args.subagent);
testCases = loadLocalTestCases(args.filter);
}
if (testCases.length === 0) {
@ -312,10 +295,10 @@ async function runLocalMode(
}
console.log(
`Running ${String(testCases.length)} sub-agent test case(s) with model ${config.modelId ?? '<server default>'} (concurrency: ${String(args.concurrency)})\n`,
`Running ${String(testCases.length)} workflow-build fixture(s) with binary-check model ${config.modelId ?? '<default>'} (concurrency: ${String(args.concurrency)})\n`,
);
const results: SubAgentResult[] = [];
const results: WorkflowBuildEvalResult[] = [];
// Concurrency=1 falls through the same batched path (batch size 1, strictly sequential).
for (let i = 0; i < testCases.length; i += args.concurrency) {
@ -328,7 +311,7 @@ async function runLocalMode(
}
const batchResults = await Promise.all(
batch.map(async (testCase) => await runSubAgent(testCase, config, deps)),
batch.map(async (testCase) => await runWorkflowBuildEval(testCase, config, deps)),
);
for (const result of batchResults) {
@ -347,17 +330,21 @@ async function runLocalMode(
async function main(): Promise<void> {
const args = parseArgs(process.argv.slice(2));
const config: SubAgentRunnerConfig = {
const config: WorkflowBuildEvalConfig = {
modelId: args.modelId,
timeoutMs: args.timeoutMs,
maxSteps: args.maxSteps,
verbose: args.verbose,
};
const client = new N8nClient(args.baseUrl);
await client.login();
const deps: RunSubAgentDeps = { client, deleteAfterRun: !args.keepWorkflows };
const deps: RunWorkflowBuildEvalDeps = {
client,
deleteAfterRun: !args.keepWorkflows,
preRunWorkflowIds: new Set(await client.listWorkflowIds()),
claimedWorkflowIds: new Set(),
};
if (args.dataset) {
await runLangsmithMode(args, config, deps);

51
packages/@n8n/instance-ai/evaluations/subagent/langsmith.ts
View File

@ -1,10 +1,10 @@
// ---------------------------------------------------------------------------
// LangSmith integration helpers for sub-agent evaluation
// LangSmith integration helpers for workflow-build evaluation
// ---------------------------------------------------------------------------
import type { Example, Run } from 'langsmith/schemas';
import type { Feedback, SubAgentTestCase } from './types';
import type { Feedback, WorkflowBuildEvalCase } from './types';
// ---------------------------------------------------------------------------
// Feedback conversion
@ -72,43 +72,23 @@ export function createFeedbackExtractor(): (args: {
// ---------------------------------------------------------------------------
/**
* Join a multi-part object ({ part_01: "...", part_02: "...", ... }) into a
* single string. Parts are sorted by key to ensure correct ordering.
*/
function joinParts(value: unknown): string | undefined {
if (typeof value === 'string') return value;
if (typeof value !== 'object' || value === null) return undefined;
const parts = Object.entries(value as Record<string, unknown>)
.filter(([k, v]) => k.startsWith('part_') && typeof v === 'string')
.sort(([a], [b]) => a.localeCompare(b))
.map(([, v]) => v as string);
return parts.length > 0 ? parts.join('') : undefined;
}
/**
* Map a LangSmith dataset example's inputs to a SubAgentTestCase.
* Map a LangSmith dataset example's inputs to a WorkflowBuildEvalCase.
*
* Supports two input formats:
*
* Simple format:
* { prompt: string, subagent?, system_prompt?: string, tools?: string[], maxSteps? }
* { prompt: string, model?, annotations? }
*
* Realistic trace format (from production orchestrator):
* {
* task: string, // the user request
* system_prompt: { part_01: "...", part_02: "..." }, // multi-part system prompt
* model?: string, // model ID override
* loaded_tools?: Array<{ name: string, description: string }>,
* loaded_tool_catalog?: { part_01: "...", ... }, // extended tool descriptions
* maxSteps?: number,
* task: string, // the user request
* model?: string, // model ID override
* }
*/
export function mapExampleToTestCase(
inputs: Record<string, unknown>,
exampleId?: string,
): SubAgentTestCase {
): WorkflowBuildEvalCase {
// Accept either "task" (realistic traces) or "prompt" (simple format)
const prompt = typeof inputs.task === 'string' ? inputs.task : inputs.prompt;
if (typeof prompt !== 'string' || prompt.length === 0) {
@ -117,19 +97,6 @@ export function mapExampleToTestCase(
);
}
// System prompt: multi-part object or plain string
const systemPrompt = joinParts(inputs.system_prompt);
// Tools: array of { name, description } objects or plain string array
let tools: string[] | undefined;
if (Array.isArray(inputs.loaded_tools)) {
tools = (inputs.loaded_tools as unknown[])
.filter((t): t is { name: string } => typeof t === 'object' && t !== null && 'name' in t)
.map((t) => t.name);
} else if (Array.isArray(inputs.tools)) {
tools = (inputs.tools as unknown[]).filter((t): t is string => typeof t === 'string');
}
const annotations =
typeof inputs.annotations === 'object' && inputs.annotations !== null
? (inputs.annotations as Record<string, unknown>)
@ -138,11 +105,7 @@ export function mapExampleToTestCase(
return {
id: exampleId ?? `ls-${Date.now()}`,
prompt,
subagent: typeof inputs.subagent === 'string' ? inputs.subagent : undefined,
systemPrompt,
tools,
modelId: typeof inputs.model === 'string' ? inputs.model : undefined,
maxSteps: typeof inputs.maxSteps === 'number' ? inputs.maxSteps : undefined,
annotations,
};
}

149
packages/@n8n/instance-ai/evaluations/subagent/runner.ts
View File

@ -1,21 +1,22 @@
// ---------------------------------------------------------------------------
// HTTP-driven sub-agent runner
// Workflow-build eval runner
//
// Delegates execution to the n8n server's /rest/instance-ai/eval/run-sub-agent
// endpoint, then fetches the resulting workflows via REST and scores them
// with the existing binary-check suite.
// Routes prompts through the normal Instance AI orchestrator build path and
// scores the resulting workflow with binary checks.
// ---------------------------------------------------------------------------
import type {
CapturedWorkflow,
Feedback,
SubAgentResult,
SubAgentRunnerConfig,
SubAgentTestCase,
WorkflowBuildEvalResult,
WorkflowBuildEvalConfig,
WorkflowBuildEvalCase,
} from './types';
import { runBinaryChecks } from '../binaryChecks/index';
import type { BinaryCheckContext } from '../binaryChecks/types';
import type { N8nClient, WorkflowResponse } from '../clients/n8n-client';
import { createLogger, type EvalLogger } from '../harness/logger';
import { buildWorkflow, cleanupBuild, type BuildResult } from '../harness/runner';
/**
* Client-side model used by binary checks (they call Anthropic directly with
@ -24,98 +25,67 @@ import type { N8nClient, WorkflowResponse } from '../clients/n8n-client';
*/
const BINARY_CHECK_DEFAULT_MODEL = 'anthropic/claude-sonnet-4-20250514';
export interface RunSubAgentDeps {
export interface RunWorkflowBuildEvalDeps {
client: N8nClient;
/** Delete workflows after the run (default true). Disable with --keep-workflows. */
deleteAfterRun: boolean;
preRunWorkflowIds: Set<string>;
claimedWorkflowIds: Set<string>;
}
export async function runSubAgent(
testCase: SubAgentTestCase,
config: SubAgentRunnerConfig,
deps: RunSubAgentDeps,
): Promise<SubAgentResult> {
export async function runWorkflowBuildEval(
testCase: WorkflowBuildEvalCase,
config: WorkflowBuildEvalConfig,
deps: RunWorkflowBuildEvalDeps,
): Promise<WorkflowBuildEvalResult> {
const startMs = Date.now();
const role = testCase.subagent ?? 'builder';
const modelId = testCase.modelId ?? config.modelId;
const logger = createRunnerLogger(config.verbose ?? false);
let build: BuildResult | undefined;
try {
const response = await deps.client.runSubAgentEval({
role,
prompt: testCase.prompt,
...(modelId !== undefined ? { modelId } : {}),
...(testCase.maxSteps !== undefined ? { maxSteps: testCase.maxSteps } : {}),
...(config.timeoutMs !== undefined ? { timeoutMs: config.timeoutMs } : {}),
build = await buildWorkflow({
client: deps.client,
conversation: [{ role: 'user', text: testCase.prompt }],
timeoutMs: config.timeoutMs,
preRunWorkflowIds: deps.preRunWorkflowIds,
claimedWorkflowIds: deps.claimedWorkflowIds,
logger,
skipWorkflowChecks: true,
});
// Fetch each captured workflow to prove it round-trips through the real importer.
const capturedWorkflows: CapturedWorkflow[] = [];
const workflowResponses: WorkflowResponse[] = [];
for (const id of response.capturedWorkflowIds) {
try {
const wf = await deps.client.getWorkflow(id);
workflowResponses.push(wf);
capturedWorkflows.push({
json: {
name: wf.name,
nodes: wf.nodes,
connections: wf.connections,
} as CapturedWorkflow['json'],
success: true,
});
} catch (fetchError) {
const message = fetchError instanceof Error ? fetchError.message : String(fetchError);
capturedWorkflows.push({
json: { name: `fetch-failed-${id}` } as CapturedWorkflow['json'],
success: false,
errors: [`Failed to fetch workflow ${id}: ${message}`],
});
}
}
const capturedWorkflows = build.workflowJsons.map(toCapturedWorkflow);
const agentTextResponse = extractAgentText(build);
const feedback = await evaluateCapturedWorkflows({
workflows: workflowResponses,
workflows: build.workflowJsons,
prompt: testCase.prompt,
modelId: modelId ?? BINARY_CHECK_DEFAULT_MODEL,
agentTextResponse: response.text,
agentTextResponse,
...(testCase.annotations ? { annotations: testCase.annotations } : {}),
});
// Surface the server-side run error both as feedback (so LangSmith scores
// Surface the orchestrator build error both as feedback (so LangSmith scores
// it) and as `result.error` (so the CLI printer shows it inline). Same
// string, two consumers — intentional.
if (response.error) {
if (build.error) {
feedback.unshift({
evaluator: 'subagent-runner',
evaluator: 'workflow-build-runner',
metric: 'run_error',
score: 0,
kind: 'score',
comment: response.error,
comment: build.error,
});
}
// Cleanup (best-effort — never fails the run). Run in parallel to keep
// per-case tail latency low when the agent produced several workflows.
if (deps.deleteAfterRun && response.capturedWorkflowIds.length > 0) {
await Promise.all(
response.capturedWorkflowIds.map(async (id) => {
try {
await deps.client.deleteWorkflow(id);
} catch {
// Intentionally swallow — cleanup failure is not a test failure.
}
}),
);
}
const result: SubAgentResult = {
const result: WorkflowBuildEvalResult = {
testCase,
text: response.text,
text: agentTextResponse,
capturedWorkflows,
feedback,
durationMs: Date.now() - startMs,
};
if (response.error) result.error = response.error;
if (build.error) result.error = build.error;
return result;
} catch (error) {
const message = error instanceof Error ? error.message : String(error);
@ -125,7 +95,7 @@ export async function runSubAgent(
capturedWorkflows: [],
feedback: [
{
evaluator: 'subagent-runner',
evaluator: 'workflow-build-runner',
metric: 'run_error',
score: 0,
kind: 'score',
@ -135,9 +105,50 @@ export async function runSubAgent(
durationMs: Date.now() - startMs,
error: message,
};
} finally {
if (deps.deleteAfterRun && build) {
try {
await cleanupBuild(deps.client, build, logger);
} catch {
// cleanupBuild is best-effort; keep the eval result focused on build/scoring.
}
}
}
}
function toCapturedWorkflow(workflow: WorkflowResponse): CapturedWorkflow {
return {
json: {
name: workflow.name,
nodes: workflow.nodes,
connections: workflow.connections,
} as CapturedWorkflow['json'],
success: true,
};
}
function extractAgentText(build: BuildResult): string {
return (
build.transcript
?.map((turn) => turn.agentText)
.filter((text) => text.length > 0)
.join('\n\n') ?? ''
);
}
function createRunnerLogger(verbose: boolean): EvalLogger {
if (verbose) return createLogger(true);
return {
info: () => {},
verbose: () => {},
success: () => {},
warn: () => {},
error: () => {},
isVerbose: false,
};
}
// ---------------------------------------------------------------------------
// Internal: score each captured workflow
// ---------------------------------------------------------------------------
@ -152,7 +163,7 @@ async function evaluateCapturedWorkflows(args: {
const feedback: Feedback[] = [];
feedback.push({
evaluator: 'subagent-runner',
evaluator: 'workflow-build-runner',
metric: 'workflow_produced',
score: args.workflows.length > 0 ? 1 : 0,
kind: 'score',

35
packages/@n8n/instance-ai/evaluations/subagent/types.ts
View File

@ -1,5 +1,5 @@
// ---------------------------------------------------------------------------
// Types for the isolated sub-agent evaluation harness
// Types for the workflow-build eval harness
// ---------------------------------------------------------------------------
import type { WorkflowJSON } from '@n8n/workflow-sdk';
@ -16,33 +16,24 @@ export interface Feedback {
}
/**
* A single sub-agent test case.
* Describes the prompt and configuration for an isolated sub-agent run.
* A single workflow-build eval case.
*/
export interface SubAgentTestCase {
export interface WorkflowBuildEvalCase {
/** Unique test case identifier */
id: string;
/** The prompt / task description sent to the sub-agent */
/** The prompt / task description sent to Instance AI */
prompt: string;
/** Sub-agent type. Determines system prompt and default tools. Defaults to 'builder'. */
subagent?: string;
/** Optional system prompt override. Defaults to the sub-agent type's built-in prompt. */
systemPrompt?: string;
/** Tool names to give the sub-agent. Defaults to the sub-agent type's default set if omitted. */
tools?: string[];
/** Model ID override for this test case. Overrides the runner config modelId. */
modelId?: string;
/** Max agent steps before timeout. Defaults to 40 (see `SubAgentEvalService.DEFAULT_MAX_STEPS`). */
maxSteps?: number;
/** Per-test-case annotations forwarded to binary checks. */
annotations?: Record<string, unknown>;
}
/**
* Workflow captured from a stubbed workflowService.createFromWorkflowJSON call.
* Workflow produced by the orchestrator build path.
*/
export interface CapturedWorkflow {
/** The WorkflowJSON the agent produced (parsed from TypeScript SDK code) */
/** The WorkflowJSON the agent produced */
json: WorkflowJSON;
/** Whether the build-workflow tool reported success */
success: boolean;
@ -51,11 +42,11 @@ export interface CapturedWorkflow {
}
/**
* Result of running a single sub-agent test case.
* Result of running a single workflow-build eval case.
*/
export interface SubAgentResult {
export interface WorkflowBuildEvalResult {
/** The test case that was run */
testCase: SubAgentTestCase;
testCase: WorkflowBuildEvalCase;
/** The agent's final text output */
text: string;
/** Workflows captured from build-workflow tool calls */
@ -69,15 +60,13 @@ export interface SubAgentResult {
}
/**
* Configuration for the sub-agent runner.
* Configuration for the workflow-build eval runner.
*/
export interface SubAgentRunnerConfig {
export interface WorkflowBuildEvalConfig {
/** Optional model override. When unset, the server resolves the model from its own settings. */
modelId?: string;
/** Timeout per test case in milliseconds. Defaults to 120_000. */
/** Timeout per test case in milliseconds. Defaults to 900_000. */
timeoutMs?: number;
/** Max agent steps. Overridden by test case if set. Defaults to 40 (see `SubAgentEvalService.DEFAULT_MAX_STEPS`). */
maxSteps?: number;
/** Whether to print verbose output */
verbose?: boolean;
}

21
packages/@n8n/instance-ai/scripts/print-prompts.ts
View File

@ -14,10 +14,6 @@ import { join, resolve } from 'path';
import { buildSubAgentPrompt } from '../src/agent/sub-agent-factory';
import { getSystemPrompt } from '../src/agent/system-prompt';
import {
BUILDER_AGENT_PROMPT,
createSandboxBuilderAgentPrompt,
} from '../src/tools/orchestration/build-workflow-agent.prompt';
import { PLANNER_AGENT_PROMPT } from '../src/tools/orchestration/plan-agent-prompt';
interface Variant {
@ -120,23 +116,6 @@ function collectAgents(): AgentEntry[] {
source: 'src/tools/orchestration/plan-agent-prompt.ts → PLANNER_AGENT_PROMPT',
variants: [{ file: 'prompt', body: PLANNER_AGENT_PROMPT }],
},
{
folder: 'builder',
displayName: 'Sub-Agent — Workflow Builder',
source: 'src/tools/orchestration/build-workflow-agent.prompt.ts',
variants: [
{
file: 'tool',
label: 'tool mode (no sandbox) → BUILDER_AGENT_PROMPT',
body: BUILDER_AGENT_PROMPT,
},
{
file: 'sandbox',
label: 'sandbox mode → createSandboxBuilderAgentPrompt(workspaceRoot: /workspace)',
body: createSandboxBuilderAgentPrompt('/workspace'),
},
],
},
{
folder: 'delegate',
displayName: 'Sub-Agent — Generic Delegate (template)',

557
packages/@n8n/instance-ai/skills/workflow-builder/SKILL.md Normal file
View File

@ -0,0 +1,557 @@
---
name: workflow-builder
description: >-
Builds and edits n8n workflows with the workflow SDK. Use for new planned
workflow builds, existing-workflow edits, verification repairs,
credential-aware node configuration, and setup routing. This is the former
workflow-builder agent guidance, now loaded as a skill by the orchestrator.
recommended_tools:
- build-workflow
- workflows
- nodes
- data-tables
- credentials
- verify-built-workflow
- executions
---
# Workflow Builder
You are an expert n8n workflow builder. You generate complete, valid
TypeScript code using `@n8n/workflow-sdk`.
This skill runs inside the orchestrator. It does not introduce a separate
builder agent, sub-agent handoff, sandbox workspace, or separate tool allowlist.
Use the orchestrator tools already available in the current turn. If a relevant
orchestrator or MCP tool is available through tool search, use it when it helps
complete the build.
For normal new-workflow requests, call `plan` first so the user can approve the
build plan. Use this skill to create new workflows only during an approved
`<planned-task-follow-up type="build-workflow">` turn. If this skill was loaded
for a normal new-workflow request, stop discovery and call `plan` immediately.
Do not call `delegate` to build, patch, fix, verify, or update workflows. The
builder work happens here with the workflow-builder guidance and the
orchestrator's tools.
## Output Discipline
- Your text output is visible to the user. Be concise and natural.
- Only output text for errors that need attention, or a brief natural completion
message.
- No emojis, no filler phrases, no markdown headers in your text output.
- When conversation context is provided, use it to continue naturally. Do not
repeat information the user already knows.
### No Narration
Do not announce what you are about to do. The user already sees tool calls in
real time. Stay silent while working; speak only on completion or when blocked.
Bad:
- "I'll build this workflow. Let me start by discovering credentials..."
- "I'll start by reading the current workflow code..."
- "I don't see any pinData, so let me check..."
Good:
- "Workflow ready: Telegram messages are summarized and added to your table."
- "Workflow updated: removed the stale pinData from the weather check node."
- "Blocked: the Linear API credential is missing; setup is required before I can
continue."
## Tool Surface
Tool names are part of the compatibility contract. Keep using the same tool
names the old builder used:
- `build-workflow` to save TypeScript SDK code or apply targeted patches.
- `workflows(action="get-as-code")` before precise patches to an existing
workflow when you need the current code.
- `workflows(action="get")`, `workflows(action="list")`, and
`workflows(action="setup")` when inspection or setup routing is needed.
- `credentials(action="list" | "get" | "search-types" | "test")` for credential
metadata and connection checks.
- `nodes(action="suggested")` for known workflow categories.
- `nodes(action="search")` for service-specific node discovery.
- `nodes(action="type-definition")` for exact parameter names, enum values,
credential types, display conditions, and `@builderHint` annotations.
- `nodes(action="explore-resources")` for live credential-backed resource lists.
- `data-tables(action="list" | "create" | "schema")` for Data Table work.
- `parse-file` for parseable user attachments.
- `research` for external documentation when node definitions are insufficient.
- `ask-user` only when a human choice is needed.
- `executions` and `verify-built-workflow` for verification when the current
turn is responsible for verification.
- `complete-checkpoint` and `report-verification-verdict` only in checkpoint
follow-up turns.
## Repair Strategy
When called with failure details for an existing workflow, start from the
pre-loaded code or the saved workflow code. Do not re-discover node types that
are already present unless the repair touches their parameters, resources,
credentials, versions, or wiring semantics.
For small fixes, prefer patch mode:
```json
{
"workflowId": "existing-id",
"patches": [{ "old_str": "exact old code", "new_str": "replacement code" }]
}
```
Patches apply to the last submitted code, or the tool fetches the saved workflow
when `workflowId` is provided. Use full code for larger rewrites.
## Escalation
If you are stuck or need information only a human can provide, use `ask-user`.
Do not retry the same failing approach more than twice. Never solicit API keys,
tokens, passwords, or other secrets through `ask-user`; route credential
collection through workflow setup or credential setup surfaces.
## Placeholders
Use `placeholder('descriptive hint')` for values that cannot be safely picked
without the user:
- User-provided values that cannot be discovered, such as email recipients,
phone numbers, custom URLs, notification targets, or chat IDs.
- Resource IDs with more than one candidate when
`nodes(action="explore-resources")` returns multiple matches and the user did
not name a specific one.
Never hardcode fake values like `user@example.com`, `YOUR_API_KEY`, bearer
tokens, Slack channel IDs, Telegram chat IDs, or sample recipient lists. After
the build, `workflows(action="setup")` opens an inline setup card in the AI
Assistant panel so the user can fill placeholder values.
## Mandatory Process
1. Research. If the workflow fits a known category, call
`nodes(action="suggested")` first. Useful categories include
`notification`, `data_persistence`, `chatbot`, `scheduling`,
`data_transformation`, `data_extraction`, `document_processing`,
`form_input`, `content_generation`, `triage`, and
`scraping_and_research`.
2. Use `nodes(action="search")` for service-specific nodes. Use short service
names like "Gmail" or "Slack", not full task phrases like "send email SMTP".
Search results include discriminators for nodes that need `resource`,
`operation`, or `mode`.
3. Call `nodes(action="type-definition")` with the exact node IDs you will use.
Include discriminators from search results. Fetch up to five definitions in
one call. Do not speculatively fetch definitions for nodes you will not use.
4. Read `@builderHint`, `@default`, `@searchListMethod`, `@loadOptionsMethod`,
valid enum values, credential types, and display conditions in the returned
definitions.
5. Resolve real resource IDs. For each parameter with `searchListMethod` or
`loadOptionsMethod`, call `nodes(action="explore-resources")` with the exact
method name, method type, credential type, and credential ID. This is
mandatory for calendars, spreadsheets, channels, folders, databases, models,
and any other list-backed parameter when a credential is available.
6. Build complete TypeScript SDK code and call `build-workflow`.
7. Trace wiring before declaring done. For IF, Switch, Merge, AI-agent, loop, or
multi-workflow wiring, trace each branch from source to target. Confirm IF
outputs use `.onTrue()` and `.onFalse()`, Switch outputs use zero-based
`.onCase(index, target)`, Merge modes match the data shape, and sub-nodes are
attached to the correct parent.
8. Fix errors. If `build-workflow` returns errors, repair with targeted patches
when possible, or resubmit full SDK code for larger changes. Save again before
any verification step.
9. Modify existing workflows with `workflowId` plus patches where possible. Use
`workflows(action="get-as-code")` first when you need to identify exact code
to replace.
10. Finish with a concise completion message only when the build, required
setup routing, or required verification path is complete.
Do not produce visible output until the final step, unless blocked.
## Verification Contract
Use the current turn's higher-priority instructions to decide who verifies:
- Direct existing-workflow edits: after `build-workflow` succeeds, follow the
orchestrator post-build flow. If `verificationReadiness.status === "ready"`,
call `verify-built-workflow` with the returned `workItemId` and `workflowId`.
- Checkpoint follow-ups: verify with `verify-built-workflow` or `executions` and
report once with `complete-checkpoint`.
- Planned build follow-ups that explicitly say to stop after save: stop after a
successful `build-workflow`. The checkpoint task owns verification.
When this turn is responsible for verification, do not stop after a successful
save. The job is done when one of these is true:
- The workflow is verified by structured tool evidence.
- Setup is required and `workflows(action="setup")` has been routed or deferred.
- A remediation guard says `shouldEdit: false`.
- You are blocked after one repair attempt per unique failure signature.
Trigger input shapes:
- Manual or Schedule: use `executions(action="run")` when appropriate. Schedule
usually needs no `inputData`.
- Form Trigger: pass a flat field map, for example
`{ "name": "Alice", "email": "a@b.c" }`. Do not wrap in `formFields`.
- Webhook: pass the body payload. The adapter wraps it under `body`; downstream
expressions should use `$json.body.<field>`.
- Chat Trigger: pass `{ "chatInput": "user message" }`.
- Other event triggers such as Linear, GitHub, Slack, or MCP: pass `inputData`
matching the trigger's expected payload shape.
If verification returns remediation with `shouldEdit: false`, stop editing and
follow its guidance. If verification fails with `shouldEdit: true`, make one
batched code repair, call `build-workflow` again, and retry within the repair
budget. If a failure repeats, stop and explain the blocker.
Do not publish the main workflow automatically. Publishing is the user's
decision after testing.
## Credential Rules
- Call `credentials(action="list")` early when the task touches external
services. Note each credential's `id`, `name`, and `type`.
- Use `newCredential('Credential Name', 'credential-id')` only when the user
selected a specific existing credential, there is exactly one unambiguous
matching credential, or the workflow already had that credential.
- If no exact credential was selected, more than one credential matches, or the
service needs a new credential, use `newCredential('Suggested Credential
Name')`. Build tools mock unresolved credentials for verification, and setup
collects real credentials later.
- Never use raw credential objects like `{ id: '...', name: '...' }` in builder
SDK code. When editing roundtripped code that contains raw credential objects,
replace them with `newCredential()` calls.
- The credential key, such as `slackApi`, is the credential type from the node
type definition.
- If a required credential type is not listed, call
`credentials(action="search-types")` with the service name. Prefer dedicated
credential types over generic auth. When generic auth is truly needed, prefer
`httpBearerAuth` over `httpHeaderAuth`.
- Credential-selection guidance applies to outbound service calls. For inbound
trigger nodes such as Webhook, Form Trigger, Chat Trigger, and MCP Trigger,
keep authentication at its default `none` unless the user explicitly asks to
authenticate inbound traffic.
- Always declare `output` on nodes that use unresolved credentials when mock
data is needed for verification.
## Missing Resources
When `nodes(action="explore-resources")` returns no results for a required
resource:
1. If the resource can be represented as a user choice, use
`placeholder('Select <resource>')` and let setup collect it after the build.
2. If the user explicitly asked you to create the resource and the node type
definition has a safe create operation, build and verify that
resource-creation workflow as part of the requested work.
3. Otherwise, leave the main workflow as a saved draft and mention the missing
resource in the one-line completion summary.
For resources that cannot be created via n8n, explain clearly what the user
needs to create manually and what ID or value belongs in setup.
## Compositional Workflows
For complex workflows, you may decompose work into supporting sub-workflows and
a main workflow. This is part of an approved build task, not a reason to call
`delegate` or create a new plan.
Use this pattern when a workflow is large, has reusable chunks, or benefits from
independent testing. Simple workflows should stay in one workflow.
1. Build each supporting workflow first with `build-workflow` and
`isSupportingWorkflow: true`.
2. Give each supporting workflow an `executeWorkflowTrigger` (version 1.1) with
an explicit input schema.
3. Use the returned supporting `workflowId` in the main workflow's
`executeWorkflow` node with `source: 'database'`.
4. Save the main workflow last with `build-workflow` and without
`isSupportingWorkflow`; this is the build task's final deliverable outcome.
5. Do not publish the main workflow automatically. Supporting workflows may be
published when the parent workflow needs them active for verification or
runtime references, but only after their setup requirements are resolved.
Example supporting workflow trigger:
```ts
const inputTrigger = trigger({
type: 'n8n-nodes-base.executeWorkflowTrigger',
version: 1.1,
config: {
parameters: {
inputSource: 'workflowInputs',
workflowInputs: {
values: [
{ name: 'city', type: 'string' },
{ name: 'units', type: 'string' },
],
},
},
},
});
```
Example main-workflow reference:
```ts
const getWeather = node({
type: 'n8n-nodes-base.executeWorkflow',
version: 1.2,
config: {
name: 'Get Weather Data',
parameters: {
source: 'database',
workflowId: { __rl: true, mode: 'id', value: 'SUPPORTING_WORKFLOW_ID' },
mode: 'once',
workflowInputs: {
mappingMode: 'defineBelow',
value: { city: expr('{{ $json.city }}'), units: 'metric' },
},
},
},
});
```
Replace `SUPPORTING_WORKFLOW_ID` with the real ID returned by the supporting
`build-workflow` call. If a supporting workflow uses mocked credentials or
placeholders, route setup before publishing or relying on it.
## Data Tables
n8n normalizes Data Table column names to snake_case, for example `dayName`
becomes `day_name`. Always call `data-tables(action="schema")` before using a
Data Table in workflow code so you use real column names.
When building workflows that create or use tables, use the data table skill
guidance already loaded by the orchestrator when available. Create or inspect
tables directly with `data-tables`; do not invent table IDs, table names, or
column names.
## SDK Code Rules
- Use `@n8n/workflow-sdk`.
- Do not specify node positions. They are auto-calculated by the layout engine.
- Use `expr('{{ $json.field }}')` for n8n expressions. Variables must be inside
`{{ }}`.
- Do not use TypeScript-only syntax that the workflow parser cannot interpret,
such as `as const`.
- Use string values directly for discriminator fields like `resource` and
`operation`, for example `resource: 'message'`.
- When editing a pre-loaded workflow, remove `position` arrays from node
configs; they are auto-calculated.
- Use `placeholder('hint')` directly as the parameter value. Do not wrap
placeholders in `expr()`, objects, or arrays unless the node definition
explicitly expects an object and the placeholder is the direct value of one
field.
- For single-execution nodes that receive many items but should run once, set
`executeOnce: true`.
Use this import shape unless the task needs fewer symbols:
```ts
import {
workflow,
node,
trigger,
sticky,
placeholder,
newCredential,
ifElse,
switchCase,
merge,
splitInBatches,
nextBatch,
languageModel,
memory,
tool,
outputParser,
embedding,
embeddings,
vectorStore,
retriever,
documentLoader,
textSplitter,
fromAi,
nodeJson,
expr,
} from '@n8n/workflow-sdk';
```
## Workflow Rules
Follow these rules strictly when generating workflows:
1. Always use `newCredential()` for authentication. Never use placeholder
strings, fake API keys, hardcoded auth values, invented credential IDs, or
raw `mock-*` IDs.
2. Trust empty item lists. When a query returns zero items, downstream nodes
simply do not run. Do not add `alwaysOutputData: true` just to keep a chain
alive, and do not add an IF gate before a loop only to check whether items
exist.
3. Use `executeOnce: true` for a node that receives many items but should run
once, such as a summary notification, report generation, or API call that
does not vary per input item.
4. Pick the right control-flow primitive:
- Per-item loop with side effects: `splitInBatches` with `batchSize: 1`,
feeding the per-item work and looping back via `nextBatch`.
- Drop items that do not match a predicate: `filter`.
- Two mutually exclusive paths that both do real work: IF with `.onTrue()`
and `.onFalse()`.
- Many mutually exclusive paths keyed off a value: Switch with
`.onCase(index, target)`.
5. Input and output indices are zero-based. `.input(0)` and `.output(0)` are the
first input and output. `.input(1)` is the second input, not the first.
## Tool Naming Rules
- Name tools by the action they perform, not by repeating the integration or
tool family name.
- Always set an explicit `config.name` on every `tool(...)` node. Do not rely on
auto-generated names for tools.
- Do not prefix a tool name with the service name when the tool already belongs
to that service.
- Prefer concise snake_case action names like `get_email`, `add_labels`, or
`mark_as_read`.
- Avoid redundant names like `gmail_get_email`, `slack_send_message`, or
`notion_create_page` unless the user explicitly asked for that exact name.
## Node Configuration Safety Rules
- Fetch `nodes(action="type-definition")` before configuring nodes. Generated
definitions and `@builderHint` annotations are the source of truth.
- Use live `nodes(action="explore-resources")` for resource locator, list, and
model fields when credentials are available.
- If a configuration is unclear after reading the definition, ask for
clarification or use placeholders. Do not guess.
- Pay attention to `@builderHint` annotations in search results and type
definitions. They contain node-specific configuration rules and examples.
## Expression Reference
Available variables inside `expr('{{ ... }}')`:
- `$json`: current item's JSON data from the immediate predecessor node.
- `$('NodeName').item.json`: access another node's output by name.
- `$input.first()`, `$input.all()`, and `$input.item`.
- `$binary`: binary data from the current item.
- `$now` and `$today`: Luxon date/time helpers.
- `$itemIndex`, `$runIndex`, `$execution.id`, `$execution.mode`,
`$workflow.id`, and `$workflow.name`.
Variables must always be inside `{{ }}`:
```ts
expr('Hello {{ $json.name }}')
expr('Report for {{ $now.toFormat("MMMM d, yyyy") }} - {{ $json.title }}')
expr('{{ $("Source").all().map(i => ({ option: i.json.name })) }}')
```
When `$json` is unsafe, reference the source node explicitly. This matters for
AI Agent subnodes, fan-in nodes after IF/Switch/Merge, and values that come from
further upstream:
```ts
sessionKey: nodeJson(telegramTrigger, 'message.chat.id')
```
## SDK Patterns Reference
Define nodes first, then compose the workflow:
```ts
const startTrigger = trigger({
type: 'n8n-nodes-base.manualTrigger',
version: 1,
config: { name: 'Start' },
});
const fetchData = node({
type: 'n8n-nodes-base.httpRequest',
version: 4.3,
config: { name: 'Fetch Data', parameters: { method: 'GET', url: placeholder('API URL') } },
});
export default workflow('id', 'name').add(startTrigger).to(fetchData);
```
When two upstream data sources are independent, do not chain them if that would
multiply items. Use `executeOnce: true` or parallel branches plus Merge.
For Merge nodes, input indices are zero-based:
```ts
const combine = merge({
version: 3.2,
config: { name: 'Combine Results', parameters: { mode: 'combine', combineBy: 'combineByPosition' } },
});
export default workflow('id', 'name')
.add(startTrigger)
.to(sourceA.to(combine.input(0)))
.add(startTrigger)
.to(sourceB.to(combine.input(1)))
.add(combine)
.to(processResults);
```
For IF:
```ts
const isImportant = ifElse({
version: 2.2,
config: {
name: 'Is Important',
parameters: {
conditions: {
options: { caseSensitive: true, leftValue: '', typeValidation: 'strict', version: 2 },
conditions: [
{ id: 'priority', leftValue: expr('{{ $json.priority }}'), rightValue: 'high', operator: { type: 'string', operation: 'equals' } },
],
combinator: 'and',
},
},
},
});
source.to(isImportant);
isImportant.onTrue(handleImportant);
isImportant.onFalse(ignore);
```
For Switch, use zero-based `.onCase(index, target)` for each rule output.
For Split in Batches, use it for per-item side effects and loop back with
`nextBatch`. Do not add a separate IF gate just to check whether items exist.
For AI Agent workflows:
- Attach language models, memory, tools, parsers, retrievers, vector stores, and
other subnodes to the agent as subnodes.
- Tool nodes must have explicit concise `config.name` values.
- Prefer `fromAi(...)` for values the agent should supply to tools.
- Use explicit node references instead of `$json` in subnodes when the value
comes from a trigger or a main-flow node.
## Additional SDK Functions
- `placeholder('hint')`: marks a parameter value for user input.
- `sticky('content', nodes?, config?)`: creates a sticky note. It must still be
added to the workflow.
- `.output(n)`: selects a zero-based output index.
- `.onError(handler)`: connects a node's error output to a handler. Requires
`onError: 'continueErrorOutput'` in the node config.
- `nodeJson(node, 'field.path')`: creates an explicit expression reference to a
specific node's JSON output.
- Subnode factories follow the same pattern as `languageModel()` and `tool()`:
`memory()`, `outputParser()`, `embeddings()`, `vectorStore()`, `retriever()`,
`documentLoader()`, and `textSplitter()`.
## Completion
For a successful build, finish with one concise sentence naming the workflow and
what changed. Include the workflow ID when it is available. If setup is
required, say plainly that setup is needed; do not tell the user to open a setup
wizard or navigate away from the AI Assistant panel.

47
packages/@n8n/instance-ai/src/agent/__tests__/instance-agent.test.ts
View File

@ -59,6 +59,7 @@ jest.mock('../../tools', () => ({
['research', mockBuiltTool(`research-${context.runLabel ?? 'unknown'}`)],
['nodes', mockBuiltTool(`nodes-${context.runLabel ?? 'unknown'}`)],
['executions', mockBuiltTool(`executions-${context.runLabel ?? 'unknown'}`)],
['build-workflow', mockBuiltTool(`build-workflow-${context.runLabel ?? 'unknown'}`)],
]),
),
createOrchestrationTools: jest.fn(
@ -66,7 +67,6 @@ jest.mock('../../tools', () => ({
new Map([
['plan', mockBuiltTool(`plan-${context.runId}`)],
['create-tasks', mockBuiltTool(`create-tasks-${context.runId}`)],
['build-workflow-with-agent', mockBuiltTool(`build-${context.runId}`)],
['complete-checkpoint', mockBuiltTool(`complete-checkpoint-${context.runId}`)],
['verify-built-workflow', mockBuiltTool(`verify-built-workflow-${context.runId}`)],
]),
@ -176,21 +176,18 @@ describe('createInstanceAgent', () => {
expect(Agent).toHaveBeenCalledTimes(2);
const attachedTools = getAttachedTools();
const secondRunAttachedTools = getAttachedTools(1);
expect(attachedTools['plan-run-1']).toMatchObject({ name: 'plan-run-1' });
expect(attachedTools['research-run-1']).toMatchObject({ name: 'research-run-1' });
expect(attachedTools['build-run-1']).toMatchObject({ name: 'build-run-1' });
expect(attachedTools['build-workflow-run-1']).toMatchObject({
name: 'build-workflow-run-1',
});
expect(attachedTools['workflows-run-1']).toMatchObject({ name: 'workflows-run-1' });
expect(attachedTools['verify-built-workflow-run-1']).toMatchObject({
name: 'verify-built-workflow-run-1',
});
expect(mockAgentInstances[0]?.deferredTool).toHaveBeenCalledWith(
expect.arrayContaining([expect.objectContaining({ name: 'nodes-run-1' })]),
{ search: { topK: 5 } },
);
expect(mockAgentInstances[1]?.deferredTool).toHaveBeenCalledWith(
expect.arrayContaining([expect.objectContaining({ name: 'nodes-run-2' })]),
{ search: { topK: 5 } },
);
expect(attachedTools['nodes-run-1']).toMatchObject({ name: 'nodes-run-1' });
expect(secondRunAttachedTools['nodes-run-2']).toMatchObject({ name: 'nodes-run-2' });
});
it('eager-loads checkpoint settlement tools only for checkpoint follow-up runs', async () => {
@ -216,11 +213,33 @@ describe('createInstanceAgent', () => {
expect(attachedTools['complete-checkpoint-checkpoint-run']).toMatchObject({
name: 'complete-checkpoint-checkpoint-run',
});
expect(attachedTools['executions-checkpoint-run']).toMatchObject({
name: 'executions-checkpoint-run',
});
expect(deferredTools['complete-checkpoint-checkpoint-run']).toBeUndefined();
expect(deferredTools['executions-checkpoint-run']).toBeUndefined();
});
it('keeps workflow-builder skill tool names always loaded', async () => {
await createInstanceAgent({
modelId: 'test-model',
context: {
runLabel: 'builder-skill-run',
localGatewayStatus: undefined,
licenseHints: undefined,
localMcpServer: undefined,
},
orchestrationContext: {
runId: 'builder-skill-run',
},
memoryConfig: { lastMessages: 20 },
mcpManager: createMcpManagerStub(),
} as never);
const attachedTools = getAttachedTools();
const deferredTools = getDeferredTools();
for (const toolName of ['build-workflow', 'nodes', 'executions']) {
const scopedName = `${toolName}-builder-skill-run`;
expect(attachedTools[scopedName]).toMatchObject({ name: scopedName });
expect(deferredTools[scopedName]).toBeUndefined();
}
});
it('does not attach a workspace to the orchestrator Agent', async () => {

50
packages/@n8n/instance-ai/src/agent/__tests__/system-prompt.test.ts
View File

@ -127,11 +127,12 @@ describe('getSystemPrompt', () => {
);
});
it('routes existing-workflow edits through bypassPlan', () => {
it('routes existing-workflow edits through the workflow-builder skill', () => {
const prompt = getSystemPrompt({});
expect(prompt).toMatch(/Any edit to an existing workflow that runs the builder/);
expect(prompt).toContain('`bypassPlan: true`');
expect(prompt).toContain('load the `workflow-builder` skill');
expect(prompt).toContain('call `build-workflow` directly');
expect(prompt).toContain('existing `workflowId`');
});
@ -150,19 +151,19 @@ describe('getSystemPrompt', () => {
});
});
describe('post-build verify for bypassPlan', () => {
describe('post-build verify for direct workflow builds', () => {
it('uses verificationReadiness as the post-build routing signal', () => {
const prompt = getSystemPrompt({});
expect(prompt).toContain('Post-build flow');
expect(prompt).toContain('verify-built-workflow');
expect(prompt).toContain('outcome.verificationReadiness');
expect(prompt).toContain('outcome.setupRequirement');
expect(prompt).toContain('outcome.verificationReadiness.status === "ready"');
expect(prompt).toContain('outcome.verificationReadiness.status === "needs_setup"');
expect(prompt).toContain('outcome.verificationReadiness.status === "not_verifiable"');
expect(prompt).toContain('outcome.setupRequirement.status === "required"');
expect(prompt).toContain('outcome.triggerNodes');
expect(prompt).toContain('`verificationReadiness`');
expect(prompt).toContain('`setupRequirement`');
expect(prompt).toContain('verificationReadiness.status === "ready"');
expect(prompt).toContain('verificationReadiness.status === "needs_setup"');
expect(prompt).toContain('verificationReadiness.status === "not_verifiable"');
expect(prompt).toContain('setupRequirement.status === "required"');
expect(prompt).toContain('`triggerNodes`');
expect(prompt).not.toContain('outcome.usesWorkflowPinDataForVerification');
expect(prompt).not.toContain('outcome.verificationPinData');
});
@ -184,20 +185,18 @@ describe('getSystemPrompt', () => {
expect(prompt).toContain('building first and routing setup after verification');
});
it('reads workflowId/workItemId from the outcome field, not result', () => {
it('reads workflowId/workItemId from build-workflow output', () => {
const prompt = getSystemPrompt({});
expect(prompt).toContain('outcome.workflowId');
expect(prompt).toContain('outcome.workItemId');
expect(prompt).toContain('outcome.verificationReadiness');
expect(prompt).toContain('outcome.setupRequirement');
expect(prompt).toMatch(/result.*only a short text summary/);
expect(prompt).toContain('read `workflowId`, `workItemId`, `triggerNodes`');
expect(prompt).toContain('`verificationReadiness`');
expect(prompt).toContain('`setupRequirement`');
});
it('reuses deterministic already-verified readiness instead of re-running verify', () => {
const prompt = getSystemPrompt({});
expect(prompt).toContain('outcome.verificationReadiness.status === "already_verified"');
expect(prompt).toContain('verificationReadiness.status === "already_verified"');
expect(prompt).toContain('do **not** call `verify-built-workflow` again');
});
@ -233,32 +232,21 @@ describe('getSystemPrompt', () => {
);
});
it('tells the orchestrator it may patch during a checkpoint and will re-enter the same checkpoint', () => {
it('tells the orchestrator it may patch during a checkpoint and re-verify in place', () => {
const prompt = getSystemPrompt({});
expect(prompt).toContain('patch in place');
expect(prompt).toMatch(
/you will receive another `<planned-task-follow-up type="checkpoint">` for the SAME checkpoint/,
);
expect(prompt).toContain('call `build-workflow` directly during this checkpoint turn');
expect(prompt).toContain('re-verify');
expect(prompt).toContain('complete-checkpoint');
});
it('allows one more in-checkpoint patch if the first surfaced a new narrow bug', () => {
it('keeps in-checkpoint patch attempts bounded', () => {
const prompt = getSystemPrompt({});
expect(prompt).toMatch(/call `complete-checkpoint`.*OR spawn one more in-checkpoint patch/);
expect(prompt).toMatch(/Keep the patch count small/);
expect(prompt).toMatch(/within two rounds/);
});
it('still warns not to end a checkpoint turn with an unsettled in-turn patch', () => {
const prompt = getSystemPrompt({});
expect(prompt).toMatch(
/Do NOT end a checkpoint turn that had an in-turn patch spawned without either calling `complete-checkpoint` on the next re-entry or spawning another bounded patch/,
);
});
});
describe('multi-credential disambiguation guidance', () => {

10
packages/@n8n/instance-ai/src/agent/sub-agent-briefing.ts
View File

@ -17,7 +17,7 @@ export interface SubAgentBriefingInput {
artifacts?: Record<string, unknown>;
/** Additional context blocks (e.g., sandbox instructions, workflowId notes). */
additionalContext?: string;
/** Requirements block (e.g., DETACHED_BUILDER_REQUIREMENTS). */
/** Requirements block. */
requirements?: string;
/** Iteration log + task key for retry context. */
iteration?: {
@ -34,9 +34,9 @@ export interface SubAgentBriefingInput {
/**
* Build a structured XML-formatted briefing for a sub-agent.
*
* All sub-agent spawn sites (delegate, builder) use this
* instead of ad-hoc string concatenation. The XML structure gives the LLM
* clear section boundaries and makes the briefing parseable.
* Sub-agent spawn sites use this instead of ad-hoc string concatenation.
* The XML structure gives the LLM clear section boundaries and makes the
* briefing parseable.
*/
export async function buildSubAgentBriefing(input: SubAgentBriefingInput): Promise<string> {
const parts: string[] = [];
@ -59,7 +59,7 @@ export async function buildSubAgentBriefing(input: SubAgentBriefingInput): Promi
parts.push(input.additionalContext);
}
// Requirements block — e.g., DETACHED_BUILDER_REQUIREMENTS
// Requirements block
if (input.requirements) {
parts.push(input.requirements);
}

50
packages/@n8n/instance-ai/src/agent/system-prompt.ts
View File

@ -46,7 +46,7 @@ Some trigger nodes expose HTTP endpoints. Always share the full production URL w
- **\`public: true\`**: the public chat URL is ${webhookBaseUrl}/{webhookId}/chat — share it after the workflow is published. {webhookId} is the node's unique webhook ID; read it from the workflow JSON, never guess. End users can open this URL in a browser.
The /chat suffix is unique to Chat Trigger do NOT append it to Form Trigger or Webhook URLs. (Your own testing via \`executions(action="run")\` and \`verify-built-workflow\` works regardless of \`public\` or publish state.)
**These URLs are for sharing with the user only.** Do NOT include them in \`build-workflow-with-agent\` task descriptions — the builder cannot reach the n8n instance via HTTP and will fail if it tries to curl/fetch these URLs.`;
**These URLs are for sharing with the user only.** Do NOT hardcode them into workflow code or build specs unless the workflow actually needs to send or store its own public endpoint.`;
}
function getReadOnlySection(branchReadOnly?: boolean): string {
@ -87,15 +87,15 @@ export function getSystemPrompt(options: SystemPromptOptions = {}): string {
${getDateTimeSection(timeZone)}
${webhookBaseUrl && formBaseUrl ? getInstanceInfoSection(webhookBaseUrl, formBaseUrl) : ''}
You have access to workflow, execution, and credential tools plus a specialized workflow builder. You also have delegation capabilities for complex tasks, and may have access to MCP tools for extended capabilities.
You have access to workflow, execution, and credential tools plus a specialized workflow-builder skill. You also have delegation capabilities for complex tasks, and may have access to MCP tools for extended capabilities.
## When to Plan
Route by **what you are touching**, not by how risky the change feels:
1. **New workflow (no \`workflowId\`) or multi-workflow build** → call \`plan\`. If the workflow will create, read, update, seed, import, or store records in n8n Data Tables, load the \`data-table-manager\` skill before \`plan\` and carry the relevant table guidance into \`guidance\` or \`conversationContext\`. The planner sub-agent discovers credentials, data tables, and best practices; workflow tasks include any data table names, columns, seed/import needs, or existing-table requirements in the workflow spec, and the builder creates/uses them. The orchestrator-run checkpoint independently proves every workflow deliverable works. Do NOT ask the user questions first — the planner asks targeted questions itself if needed. Only pass \`guidance\` when the conversation is ambiguous or when you need to pass loaded skill guidance. When \`plan\` returns, tasks are already dispatched.
1. **New workflow (no \`workflowId\`) or multi-workflow build** → call \`plan\` immediately. Do not load the \`workflow-builder\` skill, look up node schemas, or call \`build-workflow\` before planning. If the workflow will create, read, update, seed, import, or store records in n8n Data Tables, load the \`data-table-manager\` skill before \`plan\` and carry the relevant table guidance into \`guidance\` or \`conversationContext\`. The planner sub-agent discovers credentials, data tables, and best practices; workflow tasks include any data table names, columns, seed/import needs, or existing-table requirements in the workflow spec, and the builder creates/uses them. The orchestrator-run checkpoint independently proves every workflow deliverable works. Do NOT ask the user questions first — the planner asks targeted questions itself if needed. Only pass \`guidance\` when the conversation is ambiguous or when you need to pass loaded skill guidance. When \`plan\` returns, tasks are already dispatched.
2. **Any edit to an existing workflow that runs the builder** (add/remove/rewire a node, change an expression, swap a credential, change a schedule, fix a Code node) call \`build-workflow-with-agent\` directly with \`bypassPlan: true\`, the existing \`workflowId\`, and a one-sentence \`reason\`. A plan-for-every-edit is too slow; the orchestrator runs a lightweight verify afterwards (see **Post-build flow**).
2. **Any edit to an existing workflow that runs the builder** (add/remove/rewire a node, change an expression, swap a credential, change a schedule, fix a Code node) load the \`workflow-builder\` skill and call \`build-workflow\` directly with the existing \`workflowId\`. The tool asks for approval before saving when required. A plan-for-every-edit is too slow; run the lightweight post-build verify afterwards (see **Post-build flow**).
3. **Non-build ops on an existing workflow** (rename, toggle active, duplicate, move to folder, describe, read executions, publish, delete) use the specific direct tool (\`workflows\`, \`executions\`, etc.). The builder does not run.
@ -113,38 +113,38 @@ When \`credentials(action="setup")\` returns \`needsBrowserSetup=true\`, load th
## Workflow Building
Never use \`delegate\` to build, patch, fix, or update workflows — delegate does not have access to the builder sandbox, verification, or submit tools.
Never use \`delegate\` to build, patch, fix, or update workflows — workflow building happens in the orchestrator with the \`workflow-builder\` skill and the workflow build tools.
To edit an existing workflow, call \`build-workflow-with-agent\` directly with \`bypassPlan: true\`, the existing \`workflowId\`, a one-sentence \`reason\`, and a \`task\` spec describing what to change. The orchestrator verifies the result afterwards via \`verify-built-workflow\` when the build outcome says verification is ready (see **Post-build flow**). Use \`plan\` only when the change spans multiple workflows, creates new workflows, or a workflow build needs new or changed data-table schemas — then the orchestrator-run checkpoint drives verification.
To edit an existing workflow, load the \`workflow-builder\` skill, read the current workflow code when needed with \`workflows(action="get-as-code")\`, and call \`build-workflow\` with the existing \`workflowId\`. The tool handles edit approval before saving when permissions require it. Verify the result afterwards via \`verify-built-workflow\` when the build output says verification is ready (see **Post-build flow**). Use \`plan\` when the change spans multiple workflows, creates new workflows, or a workflow build needs new or changed data-table schemas — then the orchestrator-run checkpoint drives verification.
The detached builder handles node discovery, schema lookups, resource discovery, code generation, validation, and saving. Describe **what** to build (or fix), not **how**: user goal, integrations, credential names, data flow, data table schemas. Don't specify node types or parameter configurations. Mention integrations by service name (Slack, Google Calendar) but don't specify which channels, calendars, spreadsheets, folders, or other resources to use the builder resolves real resource IDs at build time.
The \`workflow-builder\` skill handles node discovery, schema lookups, resource discovery, code generation, validation, repair, and saving. It runs in you, the orchestrator, with the native orchestrator tools directly available; it is not a delegated sub-agent or a separate sandbox lifecycle. For planned workflow builds, follow the build task spec exactly. For direct edits, describe the user goal in your own working notes, then implement it with SDK code or targeted \`build-workflow\` patches.
**Parameter-value precedence: user > builder > you.** If the user named a concrete value (model ID, resource ID, enum choice, version), pass it through verbatim. Otherwise leave the slot unspecified the builder resolves it from each node's \`@builderHint\` / \`@default\`, which are more current than your training data. Your own "sensible default" is never the right answer. Describe integrations at the category level — "OpenAI chat model", "hourly scheduler", "lookup spreadsheet".
**Never hardcode fake user data in the task spec** no \`user@example.com\`, \`YOUR_API_KEY\`, \`Bearer YOUR_TOKEN\`, sample Slack channel IDs, fake Telegram chat IDs, fake Teams thread IDs, sample recipient lists (\`alice@company.com\`, etc.). When the user hasn't provided a specific value, describe the slot generically ("user's email address", "target Slack channel", "API bearer token") and let the builder wrap it with \`placeholder()\` so \`workflows(action="setup")\` can collect it after the build through the inline setup card in the AI Assistant panel.
Always pass \`conversationContext\` when spawning background agents (\`build-workflow-with-agent\`, \`delegate\`) — summarize what was discussed, decisions made, and information gathered. Exception: \`plan\` reads the conversation history directly — only pass \`guidance\` if the context is ambiguous.
Always pass \`conversationContext\` when spawning background agents (\`delegate\`) — summarize what was discussed, decisions made, and information gathered. Exception: \`plan\` reads the conversation history directly — only pass \`guidance\` if the context is ambiguous.
**After spawning any background agent** (\`build-workflow-with-agent\`, \`delegate\`, \`plan\`, or \`create-tasks\`): do not write any text. The task card shows the user what's being built or done; restating it (e.g. the workflow name, what the agent will do) is redundant. Do NOT summarize the plan, list credentials, describe what the agent will do, or add status details. The agent's progress is already visible to the user in real time.
**After spawning any background agent** (\`delegate\`, \`plan\`, or \`create-tasks\`): do not write any text. The task card shows the user what's being built or done; restating it (e.g. the workflow name, what the agent will do) is redundant. Do NOT summarize the plan, list credentials, describe what the agent will do, or add status details. The agent's progress is already visible to the user in real time.
**Credentials**: Call \`credentials(action="list")\` first to know what's available. Build the workflow immediately — the builder preserves explicit valid credentials and auto-mocks missing or unselected ones. Do not ask whether to build now and set up credentials later; building first and routing setup after verification is the default path. Planned builder tasks verify through checkpoints; the orchestrator handles workflow setup after verification when the saved workflow still has mocked credentials or placeholders.
**Ask once when a service has multiple credentials of the same type.** If \`credentials(action="list")\` shows more than one entry of the type a requested integration needs (e.g. two \`openAiApi\` accounts, three Google Calendar accounts), use \`ask-user\` with a single-select to let the user pick one before dispatching the builder, and pass the choice through \`conversationContext\` by name. Exception: the user already named the credential in their message — use it directly. With a single candidate, auto-apply and do not ask.
**Ask once when a service has multiple credentials of the same type.** If \`credentials(action="list")\` shows more than one entry of the type a requested integration needs (e.g. two \`openAiApi\` accounts, three Google Calendar accounts), use \`ask-user\` with a single-select to let the user pick one before building, and use the chosen credential name in the workflow code. Exception: the user already named the credential in their message — use it directly. With a single candidate, auto-apply and do not ask.
**Ask which auth type to use when a service supports more than one.** \`credentials(action="setup")\` opens a picker locked to a single \`credentialType\` — the user cannot switch auth types from there. So when \`credentials(action="search-types")\` returns more than one auth option for a service (e.g. \`notionApi\` and \`notionOAuth2Api\`, or \`slackApi\` and \`slackOAuth2Api\`), use \`ask-user\` with a single-select to let the user pick the auth type before calling \`credentials(action="setup")\`. List OAuth2 first and present it as the recommended option. Exception: the user has clearly indicated an auth type (e.g. "api key", "oauth", "personal token") — map it to the matching \`credentialType\` and use it directly without asking.
${SECRET_ASK_GUARDRAIL}
**Post-build flow** (for direct \`build-workflow-with-agent\` calls with \`bypassPlan: true\` — checkpoint follow-ups must apply the same setup handoff before completing):
**Post-build flow** (for direct \`build-workflow\` calls — planned build follow-ups hand off verification to checkpoint tasks):
**Publishing is never required for testing.** Both \`executions(action="run")\` and \`verify-built-workflow\` inject \`inputData\` as the trigger's output — the workflow does not need to be active. Form, webhook, chat, and other event-based triggers are all testable while the workflow is unpublished. Never publish a workflow as a precondition for running it.
1. Builder finishes read \`outcome.workflowId\`, \`outcome.workItemId\`, \`outcome.triggerNodes\`, \`outcome.verificationReadiness\`, and \`outcome.setupRequirement\` from the \`<background-task-completed>\` payload's \`outcome\` field (the \`result\` field is only a short text summary). If \`outcome\` is missing, explain that the build did not submit.
- If \`outcome.verificationReadiness.status === "already_verified"\`, treat the workflow as verified and do **not** call \`verify-built-workflow\` again.
- If \`outcome.verificationReadiness.status === "ready"\`, call \`verify-built-workflow\` with the \`workItemId\` / \`workflowId\` and the trigger-appropriate \`inputData\` shape (see **Per-trigger \`inputData\` shape** below).
- If \`outcome.verificationReadiness.status === "needs_setup"\`, call \`workflows(action="setup")\` with the workflowId so the user can configure it through the inline setup card in the AI Assistant panel.
- If \`outcome.verificationReadiness.status === "not_verifiable"\`, do not infer lower-level verification conditions; use the readiness guidance to decide whether to explain the blocker or ask the user to test manually.
2. After verification handling, if \`outcome.setupRequirement.status === "required"\` and setup has not already run for this outcome, call \`workflows(action="setup")\` with the workflowId.
1. \`build-workflow\` succeeds → read \`workflowId\`, \`workItemId\`, \`triggerNodes\`, \`verificationReadiness\`, and \`setupRequirement\` from the tool output. If the output is missing a \`workflowId\`, explain that the build did not submit.
- If \`verificationReadiness.status === "already_verified"\`, treat the workflow as verified and do **not** call \`verify-built-workflow\` again.
- If \`verificationReadiness.status === "ready"\`, call \`verify-built-workflow\` with the \`workItemId\` / \`workflowId\` and the trigger-appropriate \`inputData\` shape (see **Per-trigger \`inputData\` shape** below).
- If \`verificationReadiness.status === "needs_setup"\`, call \`workflows(action="setup")\` with the workflowId so the user can configure it through the inline setup card in the AI Assistant panel.
- If \`verificationReadiness.status === "not_verifiable"\`, do not infer lower-level verification conditions; use the readiness guidance to decide whether to explain the blocker or ask the user to test manually.
2. After verification handling, if \`setupRequirement.status === "required"\` and setup has not already run for this build, call \`workflows(action="setup")\` with the workflowId.
3. When \`workflows(action="setup")\` opens the inline setup card, the card is the user-visible surface. Do not tell the user to open the editor, use the canvas, or click a Setup button; the user does not need to navigate anywhere.
4. When \`workflows(action="setup")\` returns \`deferred: true\`, respect the user's decision — do not retry with \`credentials(action="setup")\` or any other setup tool. The user chose to set things up later.
5. Ask the user if they want to test the workflow (skip this if \`verify-built-workflow\` already proved it works end-to-end).
@ -176,7 +176,7 @@ Examples: search "credential" for the credentials tool, search "file" for filesy
- No emojis unless the user explicitly requests them.
- At the beginning of a normal user-visible turn, before your first tool call, write one short sentence explaining what you are about to do or what decision you need. Keep it tied to the user's goal, not the tool name. For system-generated background or checkpoint follow-up turns, follow the follow-up instructions.
- Never let an empty assistant message or a \`[Calling tools: ...]\` placeholder be the first visible response.
- End every tool call sequence with a brief text summary the user cannot see raw tool output. Do not end your turn silently after tool calls. Exception: after spawning a background agent (\`build-workflow-with-agent\`, \`plan\`, \`create-tasks\`, \`delegate\`) the task card replaces your reply — do not write text.
- End every tool call sequence with a brief text summary the user cannot see raw tool output. Do not end your turn silently after tool calls. Exception: after spawning a background agent (\`plan\`, \`create-tasks\`, \`delegate\`) or during planned-task build/checkpoint follow-ups, the task card or checklist replaces your reply — do not write text.
## Safety
@ -214,23 +214,25 @@ Working memory persists across all your conversations with this user. Keep it fo
When \`plan\` or \`create-tasks\` returns, tasks are already running. Write one short sentence acknowledging the work, then end your turn. Do not summarize — the user already approved the plan. Wait for \`<planned-task-follow-up>\` to arrive; do not invent synthetic follow-up turns.
**Never poll and never sleep.** Background tasks (\`build-workflow-with-agent\`, \`delegate\`) settle via \`<planned-task-follow-up>\` turns that arrive automatically when work finishes. After you spawn or acknowledge one, end your turn. Do not call \`workflows(action="list")\`, \`executions(action="list")\`, or any shell command to check progress — you will receive a follow-up turn the moment the task settles. If a task appears stuck, tell the user and stop; do not try to detect completion yourself. Do not re-dispatch a build whose task ID is already visible in \`<running-tasks>\` — a duplicate call is rejected with a \`Build already in progress\` message.
**Never poll and never sleep.** Background tasks (\`delegate\`) settle via \`<planned-task-follow-up>\` turns that arrive automatically when work finishes. After you spawn or acknowledge one, end your turn. Do not call \`workflows(action="list")\`, \`executions(action="list")\`, or any shell command to check progress — you will receive a follow-up turn the moment the task settles. If a task appears stuck, tell the user and stop; do not try to detect completion yourself. Do not re-dispatch a build whose task ID is already visible in \`<running-tasks>\`.
When \`<running-tasks>\` context is present, use it only to reference active task IDs for cancellation or corrections.
When \`<planned-task-follow-up type="synthesize">\` is present, all planned tasks completed successfully. Treat verified workflow drafts as finished deliverables — they are ready to use. Write a concise completion message that names each delivered artifact (data tables, workflows) and summarizes what it does, using the user's time zone for any scheduled timings. Do not hedge with phrases like "ready to go live" or "let me know when you're ready" — the work is done. If any workflow is unpublished, state that plainly as a one-line next-step note ("Publish when you want it live — you can do that from the workflow editor."), not as a gating condition. Do not create another plan.
When \`<planned-task-follow-up type="synthesize">\` is present, all planned tasks completed successfully. Treat verified workflow drafts as finished deliverables — they are ready to use. If the original user request explicitly asked to run or execute the workflow after building it, call \`executions(action="run")\` once for the built workflow; checkpoint verification does not satisfy a user-requested run. Otherwise write a concise completion message that names each delivered artifact (data tables, workflows) and summarizes what it does, using the user's time zone for any scheduled timings. Do not hedge with phrases like "ready to go live" or "let me know when you're ready" — the work is done. If any workflow is unpublished, state that plainly as a one-line next-step note ("Publish when you want it live — you can do that from the workflow editor."), not as a gating condition. Do not create another plan.
When \`<planned-task-follow-up type="replan">\` is present, a planned task failed and the graph is in \`awaiting_replan\`. You MUST take action in this same turn — handle a single simple task directly (matching tool: \`build-workflow-with-agent\`, \`data-tables\`, \`delegate\`, etc.), call \`create-tasks\` for multiple dependent tasks, or explain the blocker to the user if nothing sensible remains. Do NOT reply with an acknowledgement or status update alone — the scheduler will not fire another follow-up until you act, and the thread will silently stall. Apply the replan branch from \`## When to Plan\` above.
When \`<planned-task-follow-up type="replan">\` is present, a planned task failed and the graph is in \`awaiting_replan\`. You MUST take action in this same turn — handle a single simple task directly (matching tool: \`build-workflow\`, \`data-tables\`, \`delegate\`, etc.), call \`create-tasks\` for multiple dependent tasks, or explain the blocker to the user if nothing sensible remains. Do NOT reply with an acknowledgement or status update alone — the scheduler will not fire another follow-up until you act, and the thread will silently stall. Apply the replan branch from \`## When to Plan\` above.
When \`<planned-task-follow-up type="build-workflow">\` is present, load the \`workflow-builder\` skill and build exactly the \`buildTask\` in the payload. If \`buildTask.workflowId\` is present, update that workflow; otherwise create a new one. Save with \`build-workflow\` and stop after a successful save — do not verify, set up credentials, publish, call \`complete-checkpoint\`, create a new plan, or write a user-facing message. If \`build-workflow\` returns fixable validation errors, patch in the same turn and save again. If the build is blocked, explain the blocker briefly; the planned task finalizer will mark the task failed.
When \`<planned-task-follow-up type="checkpoint">\` is present, the block contains exactly one checkpoint task (\`checkpoint.id\`, \`checkpoint.title\`, \`checkpoint.instructions\`, and \`checkpoint.dependsOn\` — the outcomes of prior tasks, including workflow build outcomes with their \`outcome.workItemId\` / \`outcome.workflowId\`). **Always require structured verification evidence — never trust builder prose.** If a dependency outcome contains successful \`outcome.verification\` tool evidence (\`attempted: true\`, \`success: true\`, an \`executionId\`, and executed-node evidence), use that evidence without re-running verification. Otherwise execute \`checkpoint.instructions\` using your tools — typically \`verify-built-workflow\` with the work item ID from the dependency outcome, or \`executions(action="run")\` for a built workflow with real credentials and a testable trigger. If verification succeeds and any verified workflow dependency outcome has \`outcome.setupRequirement.status === "required"\`, call \`workflows(action="setup")\` with that workflowId before \`complete-checkpoint\`; the inline setup card appears automatically in the AI Assistant panel, so do not tell the user to open the editor, use the canvas, or click a Setup button. If setup returns \`deferred: true\`, respect it and still complete the checkpoint with a result that says setup was deferred. Do not call \`credentials(action="setup")\` or \`apply-workflow-credentials\` for workflow setup. Then call \`complete-checkpoint(taskId, status, result)\` **exactly once** to report the outcome (\`status: "succeeded"\` on pass, \`"failed"\` on a verification failure). Do not create a new plan, do not write a user-facing message — the checkpoint card in the plan checklist is the user-visible surface. End your turn as soon as \`complete-checkpoint\` returns.
When \`<background-task-completed>\` is present, a detached background task (builder or delegate) finished. The \`result\` field holds the sub-agent's authoritative summary of what was actually done. **When you write the user-facing recap, take factual details — model IDs, node names, resource IDs, parameter values — directly from this \`result\` text.** Do not substitute values from conversation history or training priors: if the \`result\` says \`gpt-5.4-mini\`, write \`gpt-5.4-mini\`, not "GPT-4o mini" or any other name you associate with the provider. The task spec describes intent; the \`result\` describes what actually happened.
When \`<background-task-completed>\` is present, a detached background task finished. The \`result\` field holds the sub-agent's authoritative summary of what was actually done. **When you write the user-facing recap, take factual details — model IDs, node names, resource IDs, parameter values — directly from this \`result\` text.** Do not substitute values from conversation history or training priors: if the \`result\` says \`gpt-5.4-mini\`, write \`gpt-5.4-mini\`, not "GPT-4o mini" or any other name you associate with the provider. The task spec describes intent; the \`result\` describes what actually happened.
**If your verification surfaced a bug you can patch in place** (e.g., a Code-node shape issue), you MAY call \`build-workflow-with-agent\` directly during this checkpoint turn to apply the fix. When the patch builder settles, you will receive another \`<planned-task-follow-up type="checkpoint">\` for the SAME checkpoint — re-verify, then on the next re-entry either call \`complete-checkpoint\` (succeeded / failed) OR spawn one more in-checkpoint patch when the first surfaced a new narrow bug. Do NOT end a checkpoint turn that had an in-turn patch spawned without either calling \`complete-checkpoint\` on the next re-entry or spawning another bounded patch. Keep the patch count small: if the issue cannot be narrowed within two rounds, call \`complete-checkpoint(status="failed", error=...)\` with a summary of what remains and let replan take over.
**If your verification surfaced a bug you can patch in place** (e.g., a Code-node shape issue), load the \`workflow-builder\` skill and call \`build-workflow\` directly during this checkpoint turn, passing the existing \`workflowId\` and the dependency \`workItemId\`. Then re-verify in the same checkpoint turn. Keep the patch count small: if the issue cannot be narrowed within two rounds, call \`complete-checkpoint(status="failed", error=...)\` with a summary of what remains and let replan take over.
### Per-trigger \`inputData\` shape
Used by both the checkpoint verification path and the bypassPlan post-build verify step. The pin-data adapter spreads / wraps based on trigger type passing the wrong shape gives null downstream values that look like an expression bug:
Used by both the checkpoint verification path and the direct post-build verify step. The pin-data adapter spreads / wraps based on trigger type passing the wrong shape gives null downstream values that look like an expression bug:
- **Form Trigger** (\`n8n-nodes-base.formTrigger\`) — flat field map, e.g. \`{name: "Alice", email: "a@b.c"}\`. The production Form Trigger emits each field directly on \`$json\`, so the builder's \`$json.<field>\` expressions are correct. **Do NOT wrap in \`formFields\`** — the adapter will reject the call.
- **Webhook** (\`n8n-nodes-base.webhook\`) — the body payload, e.g. \`{event: "signup", userId: "..."}\`. The adapter wraps it under \`body\`, so downstream nodes reference \`$json.body.<field>\`.
- **Chat Trigger** (\`@n8n/n8n-nodes-langchain.chatTrigger\`) — \`{chatInput: "user message"}\`.

17
packages/@n8n/instance-ai/src/index.ts
View File

@ -7,8 +7,6 @@ import type * as McpClientManagerMod from './mcp/mcp-client-manager';
import type * as TitleUtilsMod from './memory/title-utils';
import type * as MaterializeRuntimeSkillsMod from './skills/materialize-runtime-skills';
import type * as RuntimeSkillsMod from './skills/runtime-skills';
import type * as BuildWorkflowAgentPromptMod from './tools/orchestration/build-workflow-agent.prompt';
import type * as BuildWorkflowAgentToolMod from './tools/orchestration/build-workflow-agent.tool';
import type * as DelegateToolMod from './tools/orchestration/delegate.tool';
import type * as LangsmithTracingMod from './tracing/langsmith-tracing';
import type * as EvalAgentsMod from './utils/eval-agents';
@ -65,14 +63,6 @@ const loadInstanceAgent = lazyModule(
const loadSubAgentFactory = lazyModule(
() => require('./agent/sub-agent-factory') as typeof SubAgentFactoryMod,
);
const loadBuildWorkflowAgentPrompt = lazyModule(
() =>
require('./tools/orchestration/build-workflow-agent.prompt') as typeof BuildWorkflowAgentPromptMod,
);
const loadBuildWorkflowAgentTool = lazyModule(
() =>
require('./tools/orchestration/build-workflow-agent.tool') as typeof BuildWorkflowAgentToolMod,
);
const loadDelegateTool = lazyModule(
() => require('./tools/orchestration/delegate.tool') as typeof DelegateToolMod,
);
@ -197,11 +187,6 @@ export {
SUB_AGENT_RESOURCE_PREFIX,
} from './tools/orchestration/agent-persistence';
export declare const BUILDER_AGENT_PROMPT: typeof BuildWorkflowAgentPromptMod.BUILDER_AGENT_PROMPT;
export const startBuildWorkflowAgentTask: typeof BuildWorkflowAgentToolMod.startBuildWorkflowAgentTask =
lazyFunction(() => loadBuildWorkflowAgentTool().startBuildWorkflowAgentTask);
export const startDetachedDelegateTask: typeof DelegateToolMod.startDetachedDelegateTask =
lazyFunction(() => loadDelegateTool().startDetachedDelegateTask);
export {
@ -246,7 +231,6 @@ export type Tool = EvalAgentsMod.Tool;
export const Tool: typeof EvalAgentsMod.Tool = lazyClass(() => loadEvalAgents().Tool);
export declare const SONNET_MODEL: typeof EvalAgentsMod.SONNET_MODEL;
export declare const HAIKU_MODEL: typeof EvalAgentsMod.HAIKU_MODEL;
defineLazyExport('BUILDER_AGENT_PROMPT', () => loadBuildWorkflowAgentPrompt().BUILDER_AGENT_PROMPT);
defineLazyExport('SONNET_MODEL', () => loadEvalAgents().SONNET_MODEL);
defineLazyExport('HAIKU_MODEL', () => loadEvalAgents().HAIKU_MODEL);
defineLazyExport('INSTANCE_AI_SKILLS_DIR', () => loadRuntimeSkills().INSTANCE_AI_SKILLS_DIR);
@ -436,7 +420,6 @@ export type {
FolderSummary,
ServiceProxyConfig,
} from './types';
export type { StartedWorkflowBuildTask } from './tools/orchestration/build-workflow-agent.tool';
export type { DetachedDelegateTaskResult } from './tools/orchestration/delegate.tool';
export {
classifyAttachments,

42
packages/@n8n/instance-ai/src/planned-tasks/__tests__/planned-task-service.test.ts
View File

@ -617,8 +617,20 @@ describe('PlannedTaskCoordinator', () => {
const graph = makeGraph({
tasks: [
makeTaskRecord({ id: 'a', deps: [], status: 'succeeded' }),
makeTaskRecord({ id: 'b', deps: ['a'], status: 'planned' }),
makeTaskRecord({ id: 'c', deps: ['a'], status: 'planned' }),
makeTaskRecord({
id: 'b',
kind: 'delegate',
tools: ['research'],
deps: ['a'],
status: 'planned',
}),
makeTaskRecord({
id: 'c',
kind: 'delegate',
tools: ['nodes'],
deps: ['a'],
status: 'planned',
}),
],
});
return await Promise.resolve(updater(graph));
@ -633,6 +645,23 @@ describe('PlannedTaskCoordinator', () => {
}
});
it('returns orchestrate-build-workflow when a workflow build is ready', async () => {
storage.update.mockImplementation(async (_threadId, updater) => {
const graph = makeGraph({
tasks: [makeTaskRecord({ id: 'wf-1', kind: 'build-workflow', status: 'planned' })],
});
return await Promise.resolve(updater(graph));
});
const action = await coordinator.tick('thread-1');
expect(action.type).toBe('orchestrate-build-workflow');
if (action.type === 'orchestrate-build-workflow') {
expect(action.tasks).toHaveLength(1);
expect(action.tasks[0].id).toBe('wf-1');
}
});
it('returns none when no tasks are ready', async () => {
storage.update.mockImplementation(async (_threadId, updater) => {
const graph = makeGraph({
@ -717,7 +746,8 @@ describe('PlannedTaskCoordinator', () => {
}),
makeTaskRecord({
id: 'wf-2',
kind: 'build-workflow',
kind: 'delegate',
tools: ['research'],
deps: [],
status: 'planned',
}),
@ -774,9 +804,9 @@ describe('PlannedTaskCoordinator', () => {
storage.update.mockImplementation(async (_threadId, updater) => {
const graph = makeGraph({
tasks: [
makeTaskRecord({ id: 'a', status: 'planned' }),
makeTaskRecord({ id: 'b', status: 'planned' }),
makeTaskRecord({ id: 'c', status: 'planned' }),
makeTaskRecord({ id: 'a', kind: 'delegate', tools: ['research'], status: 'planned' }),
makeTaskRecord({ id: 'b', kind: 'delegate', tools: ['research'], status: 'planned' }),
makeTaskRecord({ id: 'c', kind: 'delegate', tools: ['nodes'], status: 'planned' }),
],
});
return await Promise.resolve(updater(graph));

30
packages/@n8n/instance-ai/src/planned-tasks/planned-task-service.ts
View File

@ -122,7 +122,11 @@ export class PlannedTaskCoordinator implements PlannedTaskService {
async createPlan(
threadId: string,
tasks: PlannedTask[],
metadata: { planRunId: string; messageGroupId?: string },
metadata: {
planRunId: string;
messageGroupId?: string;
postBuildRunApprovalRequired?: boolean;
},
): Promise<PlannedTaskGraph> {
validateDependencies(tasks);
@ -132,6 +136,7 @@ export class PlannedTaskCoordinator implements PlannedTaskService {
const graph: PlannedTaskGraph = {
planRunId: metadata.planRunId,
messageGroupId: metadata.messageGroupId,
postBuildRunApprovalRequired: metadata.postBuildRunApprovalRequired ?? undefined,
status: 'awaiting_approval',
tasks: tasks.map<PlannedTaskRecord>((task) => ({
...task,
@ -308,6 +313,21 @@ export class PlannedTaskCoordinator implements PlannedTaskService {
async revertCheckpointToPlanned(
threadId: string,
taskId: string,
): Promise<CheckpointSettleResult> {
return await this.revertRunningTaskToPlanned(threadId, taskId, 'checkpoint');
}
async revertBuildWorkflowToPlanned(
threadId: string,
taskId: string,
): Promise<CheckpointSettleResult> {
return await this.revertRunningTaskToPlanned(threadId, taskId, 'build-workflow');
}
private async revertRunningTaskToPlanned(
threadId: string,
taskId: string,
expectedKind: PlannedTaskRecord['kind'],
): Promise<CheckpointSettleResult> {
let result: CheckpointSettleResult = { ok: false, reason: 'not-found' };
@ -317,7 +337,7 @@ export class PlannedTaskCoordinator implements PlannedTaskService {
result = { ok: false, reason: 'not-found' };
return graph;
}
if (task.kind !== 'checkpoint') {
if (task.kind !== expectedKind) {
result = { ok: false, reason: 'wrong-kind', actual: { kind: task.kind } };
return graph;
}
@ -478,6 +498,12 @@ export class PlannedTaskCoordinator implements PlannedTaskService {
return graph;
}
const readyBuildWorkflow = readyTasks.find((t) => t.kind === 'build-workflow');
if (readyBuildWorkflow) {
action = { type: 'orchestrate-build-workflow', graph, tasks: [readyBuildWorkflow] };
return graph;
}
action = { type: 'dispatch', graph, tasks: readyTasks.slice(0, availableSlots) };
return graph;
});

11
packages/@n8n/instance-ai/src/runtime/__tests__/terminal-response-guard.test.ts
View File

@ -81,6 +81,17 @@ describe('InstanceAiTerminalResponseGuard', () => {
});
});
it('does not emit completed fallback when silence is expected', () => {
const decision = guard().evaluateTerminal([runStart()], 'completed', {
workSummary: { totalToolCalls: 3, totalToolErrors: 0, toolCalls: [] },
suppressCompletedFallback: true,
});
expect(decision.action).toBe('none');
expect(decision.reason).toBe('completed-silent-suppressed');
expect(decision.event).toBeUndefined();
});
it('emits sanitized error when partial root text is followed by failure', () => {
const decision = guard().evaluateTerminal([runStart(), rootText('partial')], 'errored', {
errorMessage: 'Safe error',

8
packages/@n8n/instance-ai/src/runtime/run-state-registry.ts
View File

@ -7,6 +7,7 @@ import type {
InstanceAiLivenessSurface,
InstanceAiLivenessTimeoutReason,
} from './liveness-policy';
import type { WorkflowBuildOutcome } from '../workflow-loop/workflow-loop-state';
export interface ActiveRunState {
runId: string;
@ -31,6 +32,13 @@ export interface SuspendedRunState<TUser = unknown> extends ActiveRunState {
* Preserved across suspend/resume so the resumed run's finalizer can
* run the deadlock fallback and reschedule. */
checkpoint?: { isCheckpointFollowUp: true; checkpointTaskId: string };
/** Set when the suspended run was a planned build-workflow follow-up. */
plannedBuild?: {
isPlannedBuildFollowUp: true;
buildTaskId: string;
workItemId: string;
savedOutcome?: WorkflowBuildOutcome;
};
}
/**

15
packages/@n8n/instance-ai/src/runtime/terminal-response-guard.ts
View File

@ -34,6 +34,7 @@ export interface TerminalResponseDecision {
| 'errored-silent'
| 'errored-after-text'
| 'completed-after-error'
| 'completed-silent-suppressed'
| 'confirmation-visible'
| 'confirmation-invalid';
event?: InstanceAiEvent;
@ -67,7 +68,11 @@ export class InstanceAiTerminalResponseGuard {
evaluateTerminal(
events: InstanceAiEvent[],
status: Exclude<TerminalResponseStatus, 'waiting'>,
options: { workSummary?: WorkSummary; errorMessage?: string } = {},
options: {
workSummary?: WorkSummary;
errorMessage?: string;
suppressCompletedFallback?: boolean;
} = {},
): TerminalResponseDecision {
const visibility = this.getVisibility(events);
if (visibility.hasCurrentRunFallback) {
@ -96,6 +101,14 @@ export class InstanceAiTerminalResponseGuard {
reason: 'already-visible',
};
}
if (options.suppressCompletedFallback) {
return {
status,
visibilitySource: 'none',
action: 'none',
reason: 'completed-silent-suppressed',
};
}
return this.emitText(
status,
'completed-silent',

29
packages/@n8n/instance-ai/src/skills/__tests__/runtime-skills.test.ts
View File

@ -76,4 +76,33 @@ describe('Instance AI runtime skills', () => {
expect(loaded?.instructions).toContain('`resolveData`');
expect(loaded?.instructions).not.toMatch(/MCP|devtools/i);
});
it('loads the bundled workflow-builder skill', async () => {
const source = loadInstanceAiRuntimeSkillSource();
const skill = source.registry.skills.find((entry) => entry.name === 'workflow-builder');
expect(skill?.name).toBe('workflow-builder');
expect(skill?.platforms).toBeUndefined();
expect(skill?.recommendedTools).toEqual([
'build-workflow',
'workflows',
'nodes',
'data-tables',
'credentials',
'verify-built-workflow',
'executions',
]);
expect(skill?.description).toContain('former workflow-builder agent guidance');
const loaded = await source.loadSkill('workflow-builder');
expect(loaded?.instructions).toContain('Tool Surface');
expect(loaded?.instructions).toContain('build-workflow');
expect(loaded?.instructions).toContain('nodes(action="suggested")');
expect(loaded?.instructions).toContain('nodes(action="search")');
expect(loaded?.instructions).toContain('workflows(action="get-as-code")');
expect(loaded?.instructions).toContain("newCredential('Credential Name', 'credential-id')");
expect(loaded?.instructions).toContain('Verification');
expect(loaded?.instructions).toMatch(/inline setup card in the AI\s+Assistant panel/);
expect(loaded?.instructions).toContain('Do not call `delegate`');
});
});

4
packages/@n8n/instance-ai/src/storage/__tests__/iteration-log.test.ts
View File

@ -7,7 +7,7 @@ describe('formatPreviousAttempts', () => {
it('formats a single failed attempt', () => {
const entries: IterationEntry[] = [
{ attempt: 1, action: 'build-workflow-with-agent', result: '', error: 'invalid_auth' },
{ attempt: 1, action: 'build-workflow', result: '', error: 'invalid_auth' },
];
const result = formatPreviousAttempts(entries);
expect(result).toContain('<previous-attempts>');
@ -28,7 +28,7 @@ describe('formatPreviousAttempts', () => {
const entries: IterationEntry[] = [
{
attempt: 1,
action: 'build-workflow-with-agent',
action: 'build-workflow',
result: '',
error: 'missing credential',
diagnosis: 'Slack credential not connected',

1
packages/@n8n/instance-ai/src/storage/planned-task-storage.ts
View File

@ -30,6 +30,7 @@ const plannedTaskRecordSchema = z.object({
const plannedTaskGraphSchema = z.object({
planRunId: z.string(),
messageGroupId: z.string().optional(),
postBuildRunApprovalRequired: z.boolean().optional(),
status: z.enum(['awaiting_approval', 'active', 'awaiting_replan', 'completed', 'cancelled']),
tasks: z.array(plannedTaskRecordSchema),
});

13
packages/@n8n/instance-ai/src/tools/__tests__/index.test.ts
View File

@ -32,10 +32,6 @@ jest.mock('../nodes.tool', () => ({
})),
}));
jest.mock('../orchestration/build-workflow-agent.tool', () => ({
createBuildWorkflowAgentTool: jest.fn(() => ({ id: 'build-workflow-with-agent' })),
}));
jest.mock('../orchestration/complete-checkpoint.tool', () => ({
createCompleteCheckpointTool: jest.fn(() => ({ id: 'complete-checkpoint' })),
}));
@ -149,20 +145,23 @@ describe('domain tool construction', () => {
const orchestratorTools = createOrchestratorDomainTools(context);
expect(Object.fromEntries(orchestratorTools)).toMatchObject({
workflows: { id: 'workflows-filtered' },
workflows: { id: 'workflows' },
evals: { id: 'evals' },
executions: { id: 'executions' },
credentials: { id: 'credentials' },
'data-tables': { id: 'data-tables' },
workspace: { id: 'workspace' },
research: { id: 'research' },
nodes: { id: 'nodes-orchestrator' },
nodes: { id: 'nodes' },
'ask-user': { id: 'ask-user' },
'build-workflow': { id: 'build-workflow' },
});
const { createWorkflowsTool } = jest.requireMock('../workflows.tool');
const { createNodesTool } = jest.requireMock('../nodes.tool');
const { createDataTablesTool } = jest.requireMock('../data-tables.tool');
expect(createWorkflowsTool).toHaveBeenCalledWith(context, 'orchestrator');
expect(createWorkflowsTool).toHaveBeenCalledWith(context);
expect(createNodesTool).toHaveBeenCalledWith(context);
expect(createDataTablesTool).toHaveBeenCalledWith(context);
});

1
packages/@n8n/instance-ai/src/tools/executions.tool.ts
View File

@ -181,6 +181,7 @@ async function handleRun(
// matching the legacy behavior.
const allowList = context.allowedRunWorkflowIds;
const allowedByScope =
context.requireRunWorkflowApproval !== true &&
context.permissions?.runWorkflow === 'always_allow' &&
(allowList === undefined || allowList.has(input.workflowId));
const needsApproval = !allowedByScope;

19
packages/@n8n/instance-ai/src/tools/index.ts
View File

@ -27,10 +27,6 @@ const loadExecutionsTool = lazyMod(
() => require('./executions.tool') as typeof import('./executions.tool'),
);
const loadNodesTool = lazyMod(() => require('./nodes.tool') as typeof import('./nodes.tool'));
const loadBuildWorkflowAgentTool = lazyMod(
() =>
require('./orchestration/build-workflow-agent.tool') as typeof import('./orchestration/build-workflow-agent.tool'),
);
const loadCompleteCheckpointTool = lazyMod(
() =>
require('./orchestration/complete-checkpoint.tool') as typeof import('./orchestration/complete-checkpoint.tool'),
@ -111,21 +107,22 @@ export function createAllTools(context: InstanceAiContext): InstanceAiToolRegist
}
/**
* Creates orchestrator-scoped domain tools. Workflow and node tools keep
* orchestrator-specific surfaces; data tables stay writable so the
* data-table-manager skill can act directly without delegating.
* Creates orchestrator domain tools. Skills run in the orchestrator now, so
* domain tools must keep their full action surface rather than the old
* orchestration-only subset.
*/
export function createOrchestratorDomainTools(context: InstanceAiContext): InstanceAiToolRegistry {
const tools: Array<[string, BuiltTool]> = [
[DOMAIN_TOOL_IDS.WORKFLOWS, loadWorkflowsTool().createWorkflowsTool(context, 'orchestrator')],
[DOMAIN_TOOL_IDS.WORKFLOWS, loadWorkflowsTool().createWorkflowsTool(context)],
[DOMAIN_TOOL_IDS.EVALS, loadEvalsTool().createEvalsTool(context)],
[DOMAIN_TOOL_IDS.EXECUTIONS, loadExecutionsTool().createExecutionsTool(context)],
[DOMAIN_TOOL_IDS.CREDENTIALS, loadCredentialsTool().createCredentialsTool(context)],
[DOMAIN_TOOL_IDS.DATA_TABLES, loadDataTablesTool().createDataTablesTool(context)],
[DOMAIN_TOOL_IDS.WORKSPACE, loadWorkspaceTool().createWorkspaceTool(context)],
[DOMAIN_TOOL_IDS.RESEARCH, loadResearchTool().createResearchTool(context)],
[DOMAIN_TOOL_IDS.NODES, loadNodesTool().createNodesTool(context, 'orchestrator')],
[DOMAIN_TOOL_IDS.NODES, loadNodesTool().createNodesTool(context)],
[DOMAIN_TOOL_IDS.ASK_USER, loadAskUserTool().createAskUserTool()],
[DOMAIN_TOOL_IDS.BUILD_WORKFLOW, loadBuildWorkflowTool().createBuildWorkflowTool(context)],
];
if (context.currentUserAttachments?.some(isParseableAttachment)) {
@ -145,10 +142,6 @@ export function createOrchestrationTools(context: OrchestrationContext): Instanc
[ORCHESTRATION_TOOL_IDS.CREATE_TASKS, loadPlanTool().createPlanTool(context)],
[ORCHESTRATION_TOOL_IDS.TASK_CONTROL, loadTaskControlTool().createTaskControlTool(context)],
[ORCHESTRATION_TOOL_IDS.DELEGATE, loadDelegateTool().createDelegateTool(context)],
[
ORCHESTRATION_TOOL_IDS.BUILD_WORKFLOW_WITH_AGENT,
loadBuildWorkflowAgentTool().createBuildWorkflowAgentTool(context),
],
[
ORCHESTRATION_TOOL_IDS.COMPLETE_CHECKPOINT,
loadCompleteCheckpointTool().createCompleteCheckpointTool(context),

2081
packages/@n8n/instance-ai/src/tools/orchestration/__tests__/build-workflow-agent.tool.test.ts
View File

File diff suppressed because it is too large Load Diff

181
packages/@n8n/instance-ai/src/tools/orchestration/__tests__/builder-memory-compaction.test.ts
View File

@ -1,181 +0,0 @@
import type { AgentDbMessage, BuiltMemory } from '@n8n/agents';
import { compactBuilderMemoryThread } from '../builder-memory-compaction';
type CompactionInput = Parameters<typeof compactBuilderMemoryThread>[0];
type TestBuilderMemoryMessage = AgentDbMessage & {
role: 'assistant';
type: 'llm';
content: Array<{ type: 'text'; text: string }>;
};
function makeMessage(id: string, text: string): TestBuilderMemoryMessage {
return {
id,
role: 'assistant',
createdAt: new Date('2026-01-01T00:00:00.000Z'),
type: 'llm',
content: [{ type: 'text', text }],
};
}
function makeMemory(memoryStore: Partial<BuiltMemory>): jest.Mocked<BuiltMemory> {
return {
getThread: jest.fn(async () => {
await Promise.resolve();
return null;
}),
saveThread: jest.fn(async () => {
await Promise.resolve();
return {
id: 'builder-thread-1',
resourceId: 'user-1:workflow-builder',
createdAt: new Date(),
updatedAt: new Date(),
};
}),
deleteThread: jest.fn(async () => {
await Promise.resolve();
}),
getMessages: jest.fn(async () => {
await Promise.resolve();
return [];
}),
saveMessages: jest.fn(async () => {
await Promise.resolve();
}),
deleteMessages: jest.fn(async () => {
await Promise.resolve();
}),
...memoryStore,
} as jest.Mocked<BuiltMemory>;
}
function makeCompactionInput(
memory: CompactionInput['context']['memory'],
overrides: Partial<CompactionInput> = {},
): CompactionInput {
return {
context: {
memory,
messageGroupId: 'group-1',
},
binding: {
thread: 'builder-thread-1',
resource: 'user-1:workflow-builder',
},
sessionId: 'builder-session-1',
workflowId: 'wf-1',
workItemId: 'wi-1',
sourceFilePath: '/home/daytona/workspace/src/workflow.ts',
nodeSummaries: [
{ name: 'Manual Trigger', type: 'n8n-nodes-base.manualTrigger' },
{ name: 'Slack', type: 'n8n-nodes-base.slack' },
],
triggerNodes: [{ nodeName: 'Manual Trigger', nodeType: 'n8n-nodes-base.manualTrigger' }],
mockedNodeNames: ['Slack'],
mockedCredentialTypes: ['slackApi'],
mockedCredentialsByNode: { Slack: ['slackApi'] },
verification: {
attempted: true,
success: true,
executionId: 'exec-1',
status: 'success',
evidence: { nodesExecuted: ['Manual Trigger', 'Slack'] },
},
lastRequestedChange: 'Send a Slack message when run.',
finalBuilderResult: 'Workflow ready.',
...overrides,
};
}
describe('compactBuilderMemoryThread', () => {
it('compacts a large builder thread into one summary message', async () => {
const messages = [
makeMessage('msg-1', 'initial builder prompt'),
makeMessage('msg-2', 'tool output '.repeat(2000)),
];
const memoryStore = makeMemory({
getMessages: jest.fn(async () => {
await Promise.resolve();
return messages;
}),
deleteMessages: jest.fn(async () => {
await Promise.resolve();
}),
saveMessages: jest.fn(async () => {
await Promise.resolve();
}),
});
const result = await compactBuilderMemoryThread(makeCompactionInput(memoryStore));
expect(result.compacted).toBe(true);
expect(result.rawMessageCount).toBe(2);
expect(result.compactedMessageCount).toBe(1);
expect(memoryStore.deleteMessages).toHaveBeenCalledWith(['msg-1', 'msg-2']);
expect(memoryStore.saveMessages).toHaveBeenCalledTimes(1);
const savedMessage = memoryStore.saveMessages.mock.calls[0][0]
.messages[0] as TestBuilderMemoryMessage;
expect(memoryStore.saveMessages).toHaveBeenCalledWith(
expect.objectContaining({
threadId: 'builder-thread-1',
resourceId: 'user-1:workflow-builder',
}),
);
expect(savedMessage.type).toBe('llm');
const savedText = savedMessage.content[0].text;
expect(savedText).toContain('<builder-memory-summary>');
expect(savedText).toContain('Workflow ID: wf-1');
expect(savedText).toContain('Slack: n8n-nodes-base.slack');
expect(savedText).toContain('Mocked credential types: slackApi');
expect(savedText).toContain('Execution ID: exec-1');
expect(savedText).toContain('Workflow ready.');
});
it('re-compacts after a follow-up without duplicating old summaries', async () => {
let storedMessages = [
makeMessage('msg-1', 'raw builder transcript'),
makeMessage('msg-2', 'first tool output'),
];
const memoryStore = makeMemory({
getMessages: jest.fn(async () => {
await Promise.resolve();
return storedMessages;
}),
deleteMessages: jest.fn(async (messageIds: string[]) => {
await Promise.resolve();
storedMessages = storedMessages.filter((message) => !messageIds.includes(message.id));
}),
saveMessages: jest.fn(async ({ messages }: { messages: AgentDbMessage[] }) => {
await Promise.resolve();
storedMessages.push(...(messages as TestBuilderMemoryMessage[]));
}),
});
await compactBuilderMemoryThread(makeCompactionInput(memoryStore));
storedMessages.push(makeMessage('msg-3', 'follow-up raw transcript'));
await compactBuilderMemoryThread(
makeCompactionInput(memoryStore, {
lastRequestedChange: 'Change the Slack channel.',
finalBuilderResult: 'Workflow updated.',
}),
);
expect(storedMessages).toHaveLength(1);
expect(storedMessages[0].type).toBe('llm');
expect(storedMessages[0].content[0].text).toContain('Change the Slack channel.');
expect(storedMessages[0].content[0].text).toContain('Workflow updated.');
expect(storedMessages[0].content[0].text).not.toContain('raw builder transcript');
});
it('skips safely when memory storage is unavailable', async () => {
const result = await compactBuilderMemoryThread(makeCompactionInput(undefined));
expect(result.compacted).toBe(false);
expect(result.skippedReason).toBe('store_unavailable');
});
});

103
packages/@n8n/instance-ai/src/tools/orchestration/__tests__/complete-checkpoint.tool.test.ts
View File

@ -3,22 +3,34 @@ import { createToolRegistry } from '../../../tool-registry';
import type {
CheckpointSettleResult,
OrchestrationContext,
PlannedTaskGraph,
PlannedTaskService,
} from '../../../types';
jest.mock('../../workflows/setup-workflow.service', () => ({
analyzeWorkflow: jest.fn(),
}));
const { analyzeWorkflow } =
// eslint-disable-next-line @typescript-eslint/no-require-imports, @typescript-eslint/consistent-type-imports
require('../../workflows/setup-workflow.service') as typeof import('../../workflows/setup-workflow.service');
const { createCompleteCheckpointTool } =
// eslint-disable-next-line @typescript-eslint/no-require-imports, @typescript-eslint/consistent-type-imports
require('../complete-checkpoint.tool') as typeof import('../complete-checkpoint.tool');
function makeService(overrides: Partial<PlannedTaskService> = {}): PlannedTaskService {
return {
getGraph: jest.fn().mockResolvedValue(null),
markCheckpointSucceeded: jest.fn(),
markCheckpointFailed: jest.fn(),
...overrides,
} as unknown as PlannedTaskService;
}
function makeContext(service: PlannedTaskService): OrchestrationContext {
function makeContext(
service: PlannedTaskService,
overrides: Partial<OrchestrationContext> = {},
): OrchestrationContext {
return {
threadId: 'thread-1',
runId: 'run-1',
@ -39,10 +51,44 @@ function makeContext(service: PlannedTaskService): OrchestrationContext {
abortSignal: new AbortController().signal,
taskStorage: { get: jest.fn(), save: jest.fn() },
plannedTaskService: service,
...overrides,
};
}
function makeSetupRequiredGraph(): PlannedTaskGraph {
return {
planRunId: 'plan-1',
status: 'active',
tasks: [
{
id: 'wf-1',
title: 'Build workflow',
kind: 'build-workflow',
deps: [],
spec: 'Build it',
status: 'succeeded',
outcome: {
workflowId: 'saved-wf-1',
setupRequirement: { status: 'required', reason: 'mocked-credentials' },
},
},
{
id: 'verify-1',
title: 'Verify workflow',
kind: 'checkpoint',
deps: ['wf-1'],
spec: 'Verify it',
status: 'running',
},
],
};
}
describe('createCompleteCheckpointTool', () => {
beforeEach(() => {
jest.clearAllMocks();
});
it('marks a checkpoint succeeded via markCheckpointSucceeded', async () => {
const service = makeService({
markCheckpointSucceeded: jest
@ -66,6 +112,61 @@ describe('createCompleteCheckpointTool', () => {
expect(service.markCheckpointFailed).not.toHaveBeenCalled();
});
it('does not mark a checkpoint succeeded while dependent workflow setup is pending', async () => {
const service = makeService({
getGraph: jest.fn().mockResolvedValue(makeSetupRequiredGraph()),
markCheckpointSucceeded: jest.fn(),
});
(analyzeWorkflow as jest.Mock).mockResolvedValue([
{
node: { name: 'Slack' },
credentialType: 'slackApi',
needsAction: true,
},
]);
const tool = createCompleteCheckpointTool(
makeContext(service, { domainContext: {} as OrchestrationContext['domainContext'] }),
);
const res = await executeTool(tool, {
taskId: 'verify-1',
status: 'succeeded',
result: 'Verified',
});
expect(res.ok).toBe(false);
expect(res.result).toContain('workflows(action="setup"');
expect(res.result).toContain('saved-wf-1');
expect(res.result).toContain('Slack');
expect(service.markCheckpointSucceeded).not.toHaveBeenCalled();
expect(service.markCheckpointFailed).not.toHaveBeenCalled();
});
it('marks a setup-required checkpoint succeeded after setup has no pending action', async () => {
const service = makeService({
getGraph: jest.fn().mockResolvedValue(makeSetupRequiredGraph()),
markCheckpointSucceeded: jest
.fn()
.mockResolvedValue({ ok: true, graph: { tasks: [], planRunId: 'r', status: 'active' } }),
});
(analyzeWorkflow as jest.Mock).mockResolvedValue([]);
const tool = createCompleteCheckpointTool(
makeContext(service, { domainContext: {} as OrchestrationContext['domainContext'] }),
);
const res = await executeTool(tool, {
taskId: 'verify-1',
status: 'succeeded',
result: 'Verified',
});
expect(res.ok).toBe(true);
expect(service.markCheckpointSucceeded).toHaveBeenCalledWith('thread-1', 'verify-1', {
result: 'Verified',
outcome: undefined,
});
});
it('marks a checkpoint failed via markCheckpointFailed', async () => {
const service = makeService({
markCheckpointFailed: jest

125
packages/@n8n/instance-ai/src/tools/orchestration/__tests__/credential-guardrails.prompt.test.ts
View File

@ -1,125 +0,0 @@
import {
BUILDER_AGENT_PROMPT,
createSandboxBuilderAgentPrompt,
} from '../build-workflow-agent.prompt';
import { PLANNER_AGENT_PROMPT } from '../plan-agent-prompt';
describe('credential guardrail prompts', () => {
it('does not frame API keys as acceptable ask-user inputs in builder prompts', () => {
expect(BUILDER_AGENT_PROMPT).not.toContain('a chat ID, API key, external resource name');
expect(createSandboxBuilderAgentPrompt('/tmp/workspace')).not.toContain(
'a chat ID, API key, external resource name',
);
});
it('keeps inbound trigger authentication disabled unless explicitly requested', () => {
const prompt = createSandboxBuilderAgentPrompt('/tmp/workspace');
expect(prompt).toContain(
'The credential-selection guidance above applies to outbound service calls.',
);
expect(prompt).toContain(
'keep authentication at its default `none` unless the user explicitly asks to authenticate inbound traffic',
);
});
it('tells the planner not to block planning on credential selection', () => {
expect(PLANNER_AGENT_PROMPT).toContain('Handle credentials without blocking planning');
expect(PLANNER_AGENT_PROMPT).toContain('If the user already named a credential');
expect(PLANNER_AGENT_PROMPT).toContain('If there is exactly one matching credential');
expect(PLANNER_AGENT_PROMPT).toContain('auto-select it, do not ask');
expect(PLANNER_AGENT_PROMPT).toContain('If there are no matching credentials, do not ask');
expect(PLANNER_AGENT_PROMPT).toContain(
'Do not offer a choice like "build now and set up credentials later"',
);
expect(PLANNER_AGENT_PROMPT).toContain('builder will use a mocked or unresolved credential');
expect(PLANNER_AGENT_PROMPT).toContain(
'If there is more than one credential of the same required type',
);
expect(PLANNER_AGENT_PROMPT).toContain('ask once with a single-select');
expect(PLANNER_AGENT_PROMPT).toContain('cannot be discovered, only chosen');
expect(PLANNER_AGENT_PROMPT).toContain('credential-backed resource investigation');
expect(PLANNER_AGENT_PROMPT).toContain('Do not turn that into a credential-choice question');
expect(PLANNER_AGENT_PROMPT).toContain('Record the chosen credential name in `assumptions`');
});
it('tells the planner to use the contextual timezone before asking', () => {
expect(PLANNER_AGENT_PROMPT).toContain(
"Never ask for the user's timezone when `<user-timezone>` is present",
);
expect(PLANNER_AGENT_PROMPT).toContain('use `<current-datetime>` / `<user-timezone>`');
expect(PLANNER_AGENT_PROMPT).toContain(
'Only ask if timezone is missing and a date or schedule cannot be interpreted safely',
);
});
it('tells the builder to wrap ambiguous resource matches with placeholder()', () => {
// Both prompts inline PLACEHOLDERS_RULE, which now covers the multi-match case.
const sharedRule = '**Resource IDs with more than one candidate**';
expect(BUILDER_AGENT_PROMPT).toContain(sharedRule);
expect(createSandboxBuilderAgentPrompt('/tmp/workspace')).toContain(sharedRule);
// The sandbox builder additionally repeats the rule at resource-discovery time,
// so it cannot be missed in the step-by-step process.
expect(createSandboxBuilderAgentPrompt('/tmp/workspace')).toContain(
"If `explore-resources` returns more than one match and the user did not name a specific one, use `placeholder('Select <resource>')`",
);
});
it('keeps builder prompts grounded in the inline setup card', () => {
for (const prompt of [
BUILDER_AGENT_PROMPT,
createSandboxBuilderAgentPrompt('/tmp/workspace'),
]) {
expect(prompt).toContain('inline setup card in the AI Assistant panel');
expect(prompt).not.toMatch(/setup wizard/i);
}
});
it('does not inline bulky static node guides in builder prompts', () => {
for (const prompt of [
BUILDER_AGENT_PROMPT,
createSandboxBuilderAgentPrompt('/tmp/workspace'),
]) {
expect(prompt).toContain('## Node Configuration Safety Rules');
expect(prompt).not.toContain('nodes(action="guide")');
expect(prompt).not.toContain('### Set Node Updates - Comprehensive Type Handling Guide');
expect(prompt).not.toContain('#### Complete Operator Reference');
expect(prompt).not.toContain('## IMPORTANT: ResourceLocator Parameter Handling');
}
});
it('does not instruct the sandbox builder about publishing when publish is not on its tool surface', () => {
const prompt = createSandboxBuilderAgentPrompt('/tmp/workspace');
expect(prompt).not.toContain('workflows(action="publish")');
expect(prompt).not.toContain('Do NOT publish');
});
it('points sandbox builders at the task-specific workflow and chunks paths', () => {
const prompt = createSandboxBuilderAgentPrompt('/tmp/workspace', {
mainWorkflowPath: '/tmp/workspace/builder-work-items/wi-one/src/workflow.ts',
sourceDir: '/tmp/workspace/builder-work-items/wi-one/src',
chunksDir: '/tmp/workspace/builder-work-items/wi-one/chunks',
tsconfigPath: '/tmp/workspace/builder-work-items/wi-one/tsconfig.json',
});
expect(prompt).toContain(
'Your active main workflow file is `/tmp/workspace/builder-work-items/wi-one/src/workflow.ts`',
);
expect(prompt).toContain(
'Use `/tmp/workspace/builder-work-items/wi-one/chunks/` for supporting chunk files',
);
expect(prompt).toContain(
'execute_command: cd /tmp/workspace && npx tsc --noEmit --project /tmp/workspace/builder-work-items/wi-one/tsconfig.json 2>&1',
);
expect(prompt).not.toContain('Write workflow code to `/tmp/workspace/src/workflow.ts`');
});
it('uses the provided workspace root for fallback tsc validation', () => {
const prompt = createSandboxBuilderAgentPrompt('/tmp/custom-workspace');
expect(prompt).toContain('execute_command: cd /tmp/custom-workspace && npx tsc --noEmit 2>&1');
expect(prompt).not.toContain('execute_command: cd ~/workspace && npx tsc --noEmit 2>&1');
});
});

3
packages/@n8n/instance-ai/src/tools/orchestration/__tests__/report-verification-verdict.tool.test.ts
View File

@ -315,7 +315,8 @@ describe('report-verification-verdict tool', () => {
);
expect((result as { guidance: string }).guidance).toContain('REBUILD NEEDED');
expect((result as { guidance: string }).guidance).toContain('build-workflow-with-agent');
expect((result as { guidance: string }).guidance).toContain('workflow-builder');
expect((result as { guidance: string }).guidance).toContain('build-workflow');
expect((result as { guidance: string }).guidance).toContain('workflowId: "wf-123"');
});

516
packages/@n8n/instance-ai/src/tools/orchestration/build-workflow-agent.prompt.ts
View File

@ -1,516 +0,0 @@
/**
* System prompts for the preconfigured workflow builder agent.
*
* Two variants:
* - BUILDER_AGENT_PROMPT: Original tool-based builder (no sandbox)
* - createSandboxBuilderAgentPrompt(): Sandbox-based builder with real files + tsc
*/
import {
EXPRESSION_REFERENCE,
ADDITIONAL_FUNCTIONS,
WORKFLOW_RULES,
WORKFLOW_SDK_PATTERNS,
} from '@n8n/workflow-sdk/prompts/sdk-reference';
import { ASK_USER_FALLBACK, PLACEHOLDERS_RULE } from '../../agent/shared-prompts';
// ── Shared output discipline (single source of truth) ──────────────────────
const BUILDER_OUTPUT_DISCIPLINE = `## Output Discipline
- Your text output is visible to the user. Be concise and natural.
- Only output text for: errors that need attention, or a brief natural completion message.
- No emojis, no filler phrases, no markdown headers in your text output.
- When conversation context is provided, use it to continue naturally do not repeat information the user already knows.
### No narration (critical)
Do NOT announce what you're about to do. The user already sees your tool calls in real time via the agent card; narrating them is pure noise. Stay silent while working; speak only on completion or when blocked.
BAD (do not write anything like this):
- "I'll build this family AI assistant for Telegram. Let me start by discovering credentials and resources..."
- "I'll start by reading the current workflow code and looking up the correct Linear node type definition."
- "I don't see any pinData — let me check if there's something embedded in the workflow..."
- "Let me look up the Slack channel IDs now."
GOOD (one-line, only on completion or block):
- "Family AI assistant workflow ready — uses Telegram, OpenAI, and your shopping list data table."
- "Workflow updated: removed the stale pinData from the weather check node."
- "Blocked: the Linear API credential is missing; setup is required before I can continue."`;
// ── Shared SDK reference sections ────────────────────────────────────────────
const SDK_CODE_RULES = `## SDK Code Rules
- Do NOT specify node positions they are auto-calculated by the layout engine.
- For credentials, see the credential rules in your specific workflow process section below.
- For placeholders, see the ## Placeholders section.
- Use \`expr('{{ $json.field }}')\` for n8n expressions. Variables MUST be inside \`{{ }}\`.
- Do NOT use \`as const\` assertions — the workflow parser only supports JavaScript syntax, not TypeScript-only features. Just use plain string literals.
- Use string values directly for discriminator fields like \`resource\` and \`operation\` (e.g., \`resource: 'message'\` not \`resource: 'message' as const\`).
- When editing a pre-loaded workflow, **remove \`position\` arrays** from node configs — they are auto-calculated.`;
const NODE_CONFIGURATION_SAFETY_RULES = `## Node Configuration Safety Rules
- Fetch \`nodes(action="type-definition")\` before configuring nodes. Generated definitions and \`@builderHint\` annotations are the source of truth.
- Use live \`nodes(action="explore-resources")\` for resource locator, list, and model fields when credentials are available.
- If a configuration is unclear after reading the definition, ask for clarification or use placeholders do not guess.`;
const TOOL_NAMING_RULES = `## Tool Naming Rules
- Name tools by the action they perform, not by repeating the integration or tool family name.
- Always set an explicit \`config.name\` on every \`tool(...)\` node you create. Do not rely on auto-generated names for tools.
- Do NOT prefix a tool name with the service name when the tool already belongs to that service.
- Prefer concise snake_case action names like \`get_email\`, \`add_labels\`, or \`mark_as_read\`.
- Avoid redundant names like \`gmail_get_email\`, \`slack_send_message\`, or \`notion_create_page\` unless the user explicitly asked for that exact name.
- Keep names specific enough to distinguish sibling tools, but remove repeated vendor/type prefixes first.`;
// Node-specific configuration examples used to live here. They have moved
// onto the nodes themselves as `@builderHint` annotations and `<patterns>...</patterns>`
// blocks in the generated `.d.ts` — fetch them on-demand via `nodes(action="type-definition")`.
const BUILDER_SPECIFIC_PATTERNS = `## Critical Patterns (Common Mistakes)
**Pay attention to @builderHint annotations in search results and type definitions** they contain node-specific configuration rules and code examples. Read them carefully when configuring any node they prevent common mistakes.`;
// ── Composed SDK rules from shared + local sources ───────────────────────────
// Sandbox-mode variant of WORKFLOW_RULES: rule 1 (credentials) keeps the SDK's
// `newCredential()` outlet so unresolved credentials are explicit in code and
// can be mocked by `submit-workflow`. Rules 2 and 3 are mode-agnostic and
// mirror the shared WORKFLOW_RULES.
const SANDBOX_WORKFLOW_RULES = `Follow these rules strictly when generating workflows:
1. **Use \`newCredential()\` for authentication**
- If the user selected a specific credential or an existing workflow already has one, wire it as \`newCredential('Credential Name', 'credential-id')\` using the exact ID from \`credentials(action="list")\` or the pre-loaded workflow
- If no exact credential was selected, more than one credential matches, or the service needs a new credential, wire \`newCredential('Suggested Credential Name')\`; \`submit-workflow\` will mock it for verification and the orchestrator will route setup after the build
- NEVER invent credential IDs, placeholder strings, fake API keys, or hardcoded auth values
- Example: \`credentials: { slackApi: newCredential('Slack Bot') }\`
- The key (e.g. \`slackApi\`) is the credential **type** from the node type definition
2. **Trust empty item lists don't synthesize fake items**
- When a query returns 0 items, downstream nodes simply don't run for that execution. For scheduled or polling triggers this is the correct "nothing to do this round" signal the next run will execute normally when data appears.
- DO NOT add \`alwaysOutputData: true\` just to "keep the chain alive." Forcing an empty \`{}\` item downstream is what causes \`undefined\` reads, failed HTTP calls to \`GET undefined\`, and Code-node crashes on missing fields.
- DO NOT add an IF gate before a loop to check "has items?" loops (\`splitInBatches\`, per-item nodes, \`filter\`) already no-op on empty input. The gate is redundant and adds a failure surface.
- \`alwaysOutputData: true\` is only correct when you specifically need a downstream branch to run on the "empty" case — e.g. a dedicated "no matches found" notification path. In that case, pair it with an \`IF\` that explicitly checks for the empty case and routes accordingly. Never use it as a default.
- To drop invalid items mid-pipeline, use a \`filter\` node. A \`filter\` that rejects everything emits 0 items and the chain correctly stops — no \`IF\` + \`splitInBatches\` composition needed.
3. **Use \`executeOnce: true\` for single-execution nodes**
- When a node receives N items but should only execute once (not N times), set \`executeOnce: true\`
- Common cases: sending a summary notification, generating a report, calling an API that doesn't need per-item execution
- Example: \`config: { ..., executeOnce: true }\`
4. **Pick the right control-flow primitive**
- **Per-item loop with side effects (fetch, embed, write)** \`splitInBatches\` with \`batchSize: 1\` feeding the per-item work, loop back via \`nextBatch\`. No \`IF\` gate before it.
- **Drop items that don't match a predicate** \`filter\`. It emits 0 items when nothing matches, and the chain stops cleanly.
- **Two mutually exclusive paths that both do real work** \`IF\` (\`onTrue\` / \`onFalse\`).
- **Many mutually exclusive paths keyed off a value** \`switch\` (\`onCase\`).
- Nested control flow is supported: \`ifNode.onTrue(loopBuilder)\`, \`switchNode.onCase(0, loopBuilder)\`, and \`splitInBatches(sib).onEachBatch(ifElseBuilder)\` all compile and wire correctly. Use them when the semantics genuinely call for it, not as a workaround for empty-list handling.`;
function composeSdkRulesAndPatterns(mode: 'tool' | 'sandbox'): string {
return [
SDK_CODE_RULES,
mode === 'sandbox' ? SANDBOX_WORKFLOW_RULES : WORKFLOW_RULES,
TOOL_NAMING_RULES,
'## SDK Patterns Reference\n\n' + WORKFLOW_SDK_PATTERNS,
'## Expression Reference\n\n' + EXPRESSION_REFERENCE,
'## Additional Functions\n\n' + ADDITIONAL_FUNCTIONS,
NODE_CONFIGURATION_SAFETY_RULES,
BUILDER_SPECIFIC_PATTERNS,
].join('\n\n');
}
const SDK_RULES_AND_PATTERNS_TOOL = composeSdkRulesAndPatterns('tool');
const SDK_RULES_AND_PATTERNS_SANDBOX = composeSdkRulesAndPatterns('sandbox');
// ── Original tool-based builder prompt ───────────────────────────────────────
export const BUILDER_AGENT_PROMPT = `You are an expert n8n workflow builder. You generate complete, valid TypeScript code using the @n8n/workflow-sdk.
${BUILDER_OUTPUT_DISCIPLINE}
## Repair Strategy
When called with failure details for an existing workflow, start from the pre-loaded code do not re-discover node types already present.
## Escalation
${ASK_USER_FALLBACK}
${PLACEHOLDERS_RULE}
## Mandatory Process
1. **Research**: If the workflow fits a known category (notification, chatbot, scheduling, data_transformation, etc.), call \`nodes(action="suggested")\` first for curated recommendations. Then use \`nodes(action="search")\` for service-specific nodes (use short service names: "Gmail", "Slack", not "send email SMTP"). The results include \`discriminators\` (available resources and operations) for nodes that need them. Then call \`nodes(action="type-definition")\` with the appropriate resource/operation to get the TypeScript schema with exact parameter names and types. **Pay attention to @builderHint annotations** in search results and type definitions — they prevent common configuration mistakes.
2. **Build**: Write TypeScript SDK code and call \`build-workflow\`. Follow the SDK patterns below exactly.
3. **Trace wiring before declaring done**: For workflows containing IF, Switch, or Merge nodes, trace each branch from its source to its target confirm IF outputs are wired with \`.onTrue()\`/\`.onFalse()\`, every Switch rule output is wired by zero-based \`.onCase(index, target)\`, and the Merge mode matches the data shape. Read each node's \`@builderHint\` for selection criteria.
4. **Fix errors**: If \`build-workflow\` returns errors, use **patch mode**: call \`build-workflow\` with \`patches\` (array of \`{old_str, new_str}\` replacements). Patches apply to your last submitted code, or auto-fetch from the saved workflow if \`workflowId\` is given. Much faster than resending full code.
5. **Modify existing workflows**: When updating a workflow, call \`build-workflow\` with \`workflowId\` + \`patches\`. The tool fetches the current code and applies your patches. Use \`workflows(action="get-as-code")\` first to see the current code if you need to identify what to replace.
6. **Done**: When \`build-workflow\` succeeds, output a brief, natural completion message.
Do NOT produce visible output until step 6. All reasoning happens internally.
## Credential Rules (tool mode)
- Use \`newCredential('Credential Name', 'credential-id')\` only when the user selected a specific existing credential or the workflow already has one.
- If no exact credential was selected, more than one credential matches, or the service needs a new credential, use \`newCredential('Suggested Credential Name')\`; the build tools mock unresolved credentials for verification.
- NEVER use raw credential objects like \`{ id: '...', name: '...' }\` in tool mode.
- When editing a pre-loaded workflow, the roundtripped code may have credentials as raw objects replace them with \`newCredential()\` calls.
- Unresolved credentials (where the user chose mock data, no credential is available, or no explicit selection was made) will be automatically mocked via pinned data at submit time. Always declare \`output\` on nodes that use credentials so mock data is available. The workflow will be testable via manual/test runs but not production-ready until real credentials are added.
${SDK_RULES_AND_PATTERNS_TOOL}
`;
// ── Sandbox-based builder prompt ─────────────────────────────────────────────
export interface SandboxBuilderWorkspaceLayout {
mainWorkflowPath?: string;
sourceDir?: string;
chunksDir?: string;
tsconfigPath?: string;
}
function relativeToWorkspace(workspaceRoot: string, filePath: string): string {
return filePath.startsWith(`${workspaceRoot}/`)
? filePath.slice(workspaceRoot.length + 1)
: filePath;
}
export function createSandboxBuilderAgentPrompt(
workspaceRoot: string,
layout: SandboxBuilderWorkspaceLayout = {},
): string {
const sourceDir = layout.sourceDir ?? `${workspaceRoot}/src`;
const chunksDir = layout.chunksDir ?? `${workspaceRoot}/chunks`;
const mainWorkflowPath = layout.mainWorkflowPath ?? `${sourceDir}/workflow.ts`;
const tsconfigCommand = layout.tsconfigPath
? `cd ${workspaceRoot} && npx tsc --noEmit --project ${layout.tsconfigPath} 2>&1`
: `cd ${workspaceRoot} && npx tsc --noEmit 2>&1`;
const sourceDirLabel = relativeToWorkspace(workspaceRoot, sourceDir);
const chunksDirLabel = relativeToWorkspace(workspaceRoot, chunksDir);
return `You are an expert n8n workflow builder working inside a sandbox with real TypeScript tooling. You write workflow code as files and use \`tsc\` for validation.
${BUILDER_OUTPUT_DISCIPLINE}
## Workspace Layout
The workspace root is \`${workspaceRoot}/\`. IMPORTANT: Always use absolute paths starting with \`${workspaceRoot}/\` for file operations — never use \`~/\` or relative paths with workspace tools. The \`cd $HOME/workspace\` shortcut only works in \`execute_command\`.
\`\`\`
${workspaceRoot}/
package.json # @n8n/workflow-sdk dependency (installed)
tsconfig.json # strict, noEmit, skipLibCheck
node_modules/@n8n/workflow-sdk/ # full SDK with .d.ts types
workflows/ # existing n8n workflows as JSON
node-types/
index.txt # searchable catalog: nodeType | displayName | description | version
${sourceDirLabel}/
workflow.ts # write this task's main workflow code here
${chunksDirLabel}/
*.ts # reusable node/workflow modules for this task
\`\`\`
Your active main workflow file is \`${mainWorkflowPath}\`.
Use \`${chunksDir}/\` for supporting chunk files in this task.
Do not write this task's workflow code into any other builder task directory.
## Modular Code
For complex workflows, split reusable pieces into separate files in \`${chunksDir}/\`:
\`\`\`typescript
// ${chunksDir}/weather.ts
import { node } from '@n8n/workflow-sdk';
export const weatherNode = node({
type: 'n8n-nodes-base.openWeatherMap',
version: 1,
config: {
name: 'Get Weather',
parameters: { locationSelection: 'cityName', cityName: 'London' },
credentials: { openWeatherMapApi: { id: 'credId', name: 'OpenWeatherMap account' } }
}
});
\`\`\`
\`\`\`typescript
// ${mainWorkflowPath}
import { workflow, trigger } from '@n8n/workflow-sdk';
import { weatherNode } from '../chunks/weather';
const scheduleTrigger = trigger({ ... });
export default workflow('my-workflow', 'My Workflow')
.add(scheduleTrigger)
.to(weatherNode);
\`\`\`
The \`submit-workflow\` tool executes your code natively in the sandbox via tsx — local imports resolve naturally via Node.js module resolution. Both the active source and chunks directories are included in tsc validation.
## Compositional Workflow Pattern
For complex workflows, decompose into standalone sub-workflows (chunks) that can be tested independently, then compose them in a main workflow.
### Step 1: Build a chunk as a sub-workflow with a strict input contract
Each chunk uses \`executeWorkflowTrigger\` (v1.1) with explicit input schema:
\`\`\`typescript
// ${chunksDir}/weather-data.ts
import { workflow, node, trigger } from '@n8n/workflow-sdk';
const inputTrigger = trigger({
type: 'n8n-nodes-base.executeWorkflowTrigger',
version: 1.1,
config: {
parameters: {
inputSource: 'workflowInputs',
workflowInputs: {
values: [
{ name: 'city', type: 'string' },
{ name: 'units', type: 'string' }
]
}
}
}
});
const fetchWeather = node({
type: 'n8n-nodes-base.openWeatherMap',
version: 1,
config: {
name: 'Fetch Weather',
parameters: {
locationSelection: 'cityName',
cityName: expr('{{ $json.city }}'),
format: expr('{{ $json.units }}')
},
credentials: { openWeatherMapApi: { id: 'credId', name: 'OpenWeatherMap account' } }
}
});
export default workflow('weather-data', 'Fetch Weather Data')
.add(inputTrigger)
.to(fetchWeather);
\`\`\`
Supported input types: \`string\`, \`number\`, \`boolean\`, \`array\`, \`object\`, \`any\`.
### Step 2: Submit and test the chunk
1. Write the chunk file, then submit it: \`submit-workflow\` with the chunk file path.
- Sub-workflows with \`executeWorkflowTrigger\` can be tested immediately via \`executions(action="run")\`.
2. Run the chunk: \`executions(action="run")\` with \`inputData\` matching the trigger schema.
- **Webhook workflows**: \`inputData\` IS the request body — do NOT wrap it in \`{ body: ... }\`. The system automatically places \`inputData\` into \`{ headers, query, body: inputData }\`. So to test a webhook expecting \`{ title: "Hello" }\`, pass \`inputData: { title: "Hello" }\`. Inside the workflow, the data arrives at \`$json.body.title\`.
- **Event-based triggers** (e.g. Linear Trigger, GitHub Trigger, Slack Trigger): pass \`inputData\` matching what the trigger would normally emit. The system injects it as the trigger node's output — e.g. \`inputData: { action: "create", data: { id: "123", title: "Test issue" } }\` for a Linear Trigger. No need to rebuild the workflow with a Manual Trigger.
3. If it fails, use \`executions(action="debug")\` to investigate, fix, and re-submit.
### Step 3: Compose chunks in the main workflow
Reference the submitted chunk by its workflow ID using \`executeWorkflow\`:
\`\`\`typescript
// ${mainWorkflowPath}
import { workflow, node, trigger } from '@n8n/workflow-sdk';
const scheduleTrigger = trigger({
type: 'n8n-nodes-base.scheduleTrigger',
version: 1.3,
config: { parameters: { rule: { interval: [{ field: 'days', daysInterval: 1 }] } } }
});
const getWeather = node({
type: 'n8n-nodes-base.executeWorkflow',
version: 1.2,
config: {
name: 'Get Weather Data',
parameters: {
source: 'database',
workflowId: { __rl: true, mode: 'id', value: 'CHUNK_WORKFLOW_ID' },
mode: 'once',
workflowInputs: {
mappingMode: 'defineBelow',
value: { city: 'London', units: 'metric' }
}
}
}
});
export default workflow('daily-email', 'Daily Weather Email')
.add(scheduleTrigger)
.to(getWeather)
.to(/* ... more nodes */);
\`\`\`
Replace \`CHUNK_WORKFLOW_ID\` with the actual ID returned by \`submit-workflow\`.
### When to use this pattern
- **Simple workflows** (< 5 nodes): Write everything in \`${mainWorkflowPath}\` directly.
- **Complex workflows** (5+ nodes, multiple integrations): Decompose into chunks.
Build, test, and compose. Each chunk is reusable across workflows.
${PLACEHOLDERS_RULE}
## Missing Resources
When \`nodes(action="explore-resources")\` returns no results for a required resource:
1. If the resource can be represented as a user choice, use \`placeholder('Select <resource>')\` and let the setup flow collect it after the build
2. If the user explicitly asked you to create the resource and the node type definition has a safe create operation, build and verify that resource-creation workflow as part of the requested work
3. Otherwise, leave the main workflow as a saved draft and mention the missing resource in the one-line completion summary
**For resources that can't be created via n8n** (e.g., Slack channels, external API resources), explain clearly in your summary what the user needs to create manually and what ID to put where.
## Repair Strategy
When called with failure details for an existing workflow, start from the pre-loaded code do not re-discover node types already present.
## Escalation
${ASK_USER_FALLBACK}
## Sandbox Isolation
**The sandbox is completely isolated from the n8n instance.** There is no network connectivity between the sandbox and n8n:
- You CANNOT \`curl\`, \`fetch\`, or make any HTTP requests to the n8n host (localhost, 127.0.0.1, or any other address)
- You CANNOT access n8n's REST API, webhook endpoints, or data table API via HTTP
- You CANNOT find or use n8n API keys they do not exist in the sandbox environment
- Do NOT spend time searching for API keys, config files, environment variables, or process info none of it is accessible
**All interaction with n8n is through the provided tools:** \`submit-workflow\`, \`executions(action="run" | "debug" | "get")\`, \`credentials(action="list" | "get" | "search-types" | "test")\`, \`nodes(action="explore-resources")\`, \`workflows(action="list" | "get" | "get-as-code")\`, \`data-tables(action="list" | "create" | "schema")\`, etc. These tools communicate with n8n internally — no HTTP required.
## Sandbox-Specific Rules
- **Full TypeScript/JavaScript support** you can use any valid TS/JS: template literals, array methods (\`.map\`, \`.filter\`, \`.join\`), string methods (\`.trim\`, \`.split\`), loops, functions, \`readFileSync\`, etc. The code is executed natively via tsx.
- **For large HTML, use the file-based pattern.** Write HTML to \`${chunksDir}/page.html\`, then \`readFileSync\` + \`JSON.stringify\` in your SDK code. NEVER embed large HTML directly in jsCode — it will break. See the web_app_pattern section.
- **Em-dash and Unicode**: the sandbox executes real JS so these technically work, but prefer plain hyphens for consistency with the shared SDK rules.
## Credentials (sandbox mode)
Sandbox mode uses \`newCredential()\` for authentication. Call \`credentials(action="list")\` early. Each credential has an \`id\`, \`name\`, and \`type\`. Wire selected existing credentials into nodes like this:
\`\`\`typescript
credentials: {
openWeatherMapApi: newCredential('OpenWeatherMap account', 'yXYBqho73obh58ZS')
}
\`\`\`
For credentials that are not selected yet, keep the credential type key and omit the ID:
\`\`\`typescript
credentials: {
openWeatherMapApi: newCredential('OpenWeatherMap account')
}
\`\`\`
The key (\`openWeatherMapApi\`) is the credential **type** from the node type definition. Exact IDs and names come from \`credentials(action="list")\`.
Use the two-argument form only when the user selected the credential, there is exactly one matching credential, or you are preserving a credential already present on an existing workflow. If no exact credential was selected, more than one credential matches, or the service needs a new credential, use \`newCredential('Suggested Credential Name')\`; \`submit-workflow\` mocks it for verification and the orchestrator handles setup after the build.
If the required credential type is not in \`credentials(action="list")\` results, call \`credentials(action="search-types")\` with the service name (e.g. "linear", "notion") to discover available dedicated credential types. Always prefer dedicated types over generic auth (\`httpHeaderAuth\`, \`httpBearerAuth\`, etc.). When generic auth is truly needed (no dedicated type exists), prefer \`httpBearerAuth\` over \`httpHeaderAuth\`.
The credential-selection guidance above applies to outbound service calls. For inbound trigger nodes such as Webhook, Form Trigger, Chat Trigger, and MCP Trigger, keep authentication at its default \`none\` unless the user explicitly asks to authenticate inbound traffic.
## Data Tables
n8n normalizes column names to snake_case (e.g., \`dayName\`\`day_name\`). Always call \`data-tables(action="schema")\` before using a data table in workflow code to get the real column names.
## CRITICAL RULES
- **NEVER parallelize edit + submit.** Always: edit wait submit. Each step depends on the previous one completing.
- **Complex workflows (5+ nodes, 2+ integrations) MUST use the Compositional Workflow Pattern.** Decompose into sub-workflows, test each independently, then compose. Do NOT write everything in a single workflow.
- **If you edit code after submitting, you MUST call \`submit-workflow\` again before doing anything else (verify, run, or finish).** The system tracks file hashes — if the file changed since the last submit, your work is discarded. The sequence is always: edit → submit → then verify/run/finish.
- **Follow the runtime verification instructions in your briefing.** If the briefing says verification is required, do not stop after a successful submit.
## Mandatory Process
### For simple workflows (< 5 nodes, single integration):
1. **Discover credentials**: Call \`credentials(action="list")\`. Note each credential's \`id\`, \`name\`, and \`type\`. Use \`newCredential('Name', 'id')\` only for an explicitly selected, exactly matched, or existing workflow credential. For unresolved credentials, use \`newCredential('Suggested Name')\`; \`submit-workflow\` records the mocked credential and the orchestrator routes to setup after verification.
2. **Discover nodes**:
a. If the workflow fits a known category (notification, data_persistence, chatbot, scheduling, data_transformation, data_extraction, document_processing, form_input, content_generation, triage, scraping_and_research), call \`nodes(action="suggested")\` first — it returns curated node recommendations with pattern hints and configuration notes. **Pay attention to the notes** — they prevent common configuration mistakes.
b. For well-known utility nodes, skip \`nodes(action="search")\` and use \`nodes(action="type-definition")\` directly:
- \`n8n-nodes-base.code\`, \`n8n-nodes-base.merge\`, \`n8n-nodes-base.set\`, \`n8n-nodes-base.if\`
- \`n8n-nodes-base.removeDuplicates\`, \`n8n-nodes-base.httpRequest\`, \`n8n-nodes-base.switch\`
- \`n8n-nodes-base.aggregate\`, \`n8n-nodes-base.splitOut\`, \`n8n-nodes-base.filter\`
c. Use \`nodes(action="search")\` for service-specific nodes not covered above. Use short service names: "Gmail", "Slack", not "send email SMTP". Results include \`discriminators\` (available resources/operations) — use these when calling \`nodes(action="type-definition")\`. **Read @builderHint annotations in search results** — they contain critical configuration guidance. Or grep the catalog:
\`\`\`
execute_command: grep -i "gmail" ${workspaceRoot}/node-types/index.txt
\`\`\`
d. **Look for similar workflow examples** in \`${workspaceRoot}/examples/\` — a curated set of real n8n workflows in SDK form. Grep the index, then read the closest match for structural inspiration:
\`\`\`
execute_command: grep -i "<keyword>" ${workspaceRoot}/examples/index.txt
execute_command: cat ${workspaceRoot}/examples/<file>.ts
\`\`\`
Each line in \`examples/index.txt\` is \`filename | name | nodes | tags | source-id\`. Use the example as a reference for **structure** (which credential type each node uses, how nodes are wired, where sub-nodes attach to an agent, where sticky notes go) — not as a verbatim copy. The user's request will rarely match an example one-to-one.
The \`examples/\` directory is **read-only reference**. Never edit files there; \`${sourceDir}/\` and \`${chunksDir}/\` are your scratch.
Examples use \`newCredential('Name', 'id')\` for clarity. When you copy a pattern into \`${mainWorkflowPath}\`, replace those calls with raw \`{ id, name }\` from \`credentials(action="list")\` per the rules above.
If grep returns nothing, build from scratch. **Do not fabricate examples that do not exist.**
3. **Get node schemas**: Call \`nodes(action="type-definition")\` with ALL the node IDs you need in a single call (up to 5). For nodes with discriminators (from search results), include the \`resource\` and \`operation\` fields. **Read the definitions carefully** — they contain exact parameter names, types, required fields, valid enum values, credential types, displayOptions conditions, and \`@builderHint\` annotations with critical configuration guidance.
**Important**: Only call \`nodes(action="type-definition")\` for nodes you will actually use in the workflow. Do not speculatively fetch definitions "just in case". If a definition returns empty or an error, do not retry — proceed with the information from \`nodes(action="search")\` results instead.
4. **Resolve real resource IDs**: Check the node schemas from step 3 for parameters with \`searchListMethod\` or \`loadOptionsMethod\`. For EACH one, call \`nodes(action="explore-resources")\` with the node type, method name, and the matching explicit credential from step 1 to discover real resource IDs.
- **This is mandatory for: calendars, spreadsheets, channels, folders, models, databases, and any other list-based parameter.** Do NOT assume values like "primary", "default", or "General" always look up the real ID.
- **LLM models in particular** (OpenAI, Anthropic, Groq, etc.): always call \`explore-resources\` with the node's \`@searchListMethod\` when a credential for that provider is attached. The live list reflects what the credential can actually access — free/cheap tiers are often limited (e.g. an OpenAI free-tier key may only return \`gpt-5-mini\`). Picking a model ID that the credential can't access produces a broken workflow. The list is sorted newest-first; use the \`@builderHint\` as selection guidance (e.g. "prefer the GPT-5.4 family") over the live results, not as a hard-coded pick.
- Example: Google Calendar's \`calendar\` parameter uses \`searchListMethod: getCalendars\`. Call \`nodes(action="explore-resources")\` with \`methodName: "getCalendars"\` to get the actual calendar ID (e.g., "user@example.com"), not "primary".
- **Never use fake IDs for discoverable resources.** Use \`placeholder()\` when the user needs to choose or create the resource after the build. For user-provided values, follow the placeholder rules in "SDK Code Rules".
- **If \`explore-resources\` returns more than one match and the user did not name a specific one, use \`placeholder('Select <resource>')\` for that parameter** (e.g. \`placeholder('Select a calendar')\`, \`placeholder('Select a Slack channel')\`). Picking one silently is a guess; after the build, the inline setup card in the AI Assistant panel surfaces placeholders so the user can choose. Only pick a single match without prompting.
- If the resource can't be created via n8n (e.g., Slack channels), explain clearly in your summary what the user needs to set up.
5. **Write workflow code** to \`${mainWorkflowPath}\`.
6. **Trace wiring before declaring done**: For workflows containing IF, Switch, or Merge nodes, trace each branch from its source to its target confirm IF outputs are wired with \`.onTrue()\`/\`.onFalse()\`, every Switch rule output is wired by zero-based \`.onCase(index, target)\`, and the Merge mode matches the data shape. Read each node's \`@builderHint\` for selection criteria.
7. **Validate with tsc**: Run the TypeScript compiler for real type checking:
\`\`\`
execute_command: ${tsconfigCommand}
\`\`\`
Fix any errors using \`edit_file\` (with absolute path) to update the code, then re-run tsc. Iterate until clean.
**Important**: If tsc reports errors you cannot resolve after 2 attempts, skip tsc and proceed to submit-workflow. The submit tool has its own validation.
8. **Submit**: When tsc passes cleanly, call \`submit-workflow\` to validate the workflow graph and save it to n8n.
9. **Fix submission errors**: If \`submit-workflow\` returns errors, edit the file and submit again immediately. Skip tsc for validation-only errors. **Never end your turn on a file edit — always re-submit first.** The system compares file hashes: if the file changed since the last submit, all your work is discarded. End only on a successful re-submit or after you explicitly report the blocking error.
If remediation includes \`shouldEdit: false\`, stop immediately and report its guidance. Do not edit files, run commands, or call \`submit-workflow\` again.
10. **Done**: Output ONE sentence summarizing what was built, including the workflow ID and any known issues.
### For complex workflows (5+ nodes, multiple integrations):
Follow the **Compositional Workflow Pattern** above. The process becomes:
1. **Discover credentials** (same as above).
2. **Discover nodes and get schemas** (same as above).
3. **Resolve real resource IDs** (same as above call \`nodes(action="explore-resources")\` for EVERY parameter with \`searchListMethod\` or \`loadOptionsMethod\`). Never assume IDs like "primary" or "default". If a resource doesn't exist, use a placeholder unless the user explicitly asked you to create that resource.
4. **Decompose** the workflow into logical chunks. Each chunk is a standalone sub-workflow with 2-4 nodes covering one capability (e.g., "fetch and format weather data", "generate AI recommendation", "store to data table").
5. **For each chunk**:
a. Write the chunk to \`${chunksDir}/<name>.ts\` with an \`executeWorkflowTrigger\` and explicit input schema.
b. Run tsc.
c. Submit the chunk: \`submit-workflow\` with \`filePath\` pointing to the chunk file. Test via \`executions(action="run")\`.
d. Fix if needed (max 2 submission fix attempts per chunk).
6. **Write the main workflow** in \`${mainWorkflowPath}\` that composes chunks via \`executeWorkflow\` nodes, referencing each chunk's workflow ID.
7. **Trace wiring before declaring done**: For workflows containing IF, Switch, or Merge nodes, trace each branch from its source to its target confirm IF outputs are wired with \`.onTrue()\`/\`.onFalse()\`, every Switch rule output is wired by zero-based \`.onCase(index, target)\`, and the Merge mode matches the data shape. Read each node's \`@builderHint\` for selection criteria.
8. **Submit** the main workflow.
9. **Done**: Output ONE sentence summarizing what was built, including the workflow ID and any known issues.
Do NOT produce visible output until the final step. All reasoning happens internally.
## Modifying Existing Workflows
When modifying an existing workflow, the current code is **already pre-loaded** into \`${mainWorkflowPath}\` with SDK imports.
**Pre-flight check before any edit**: If the change introduces a node type not already in the file, or touches parameter values you haven't just looked up (model IDs, RLC values, enum selections, credential types, versions, etc.), call \`nodes(action="type-definition")\` first. Read \`@builderHint\`, \`@default\`, \`@searchListMethod\`, and \`@loadOptionsMethod\` from the output.
**Live credential-backed lookups are the source of truth for RLC/list parameters.** When a node exposes \`@searchListMethod\` or \`@loadOptionsMethod\` and a credential for its type is attached, call \`nodes(action="explore-resources")\` to query what the credential can actually access — don't rely on \`@default\` or memory. Treat \`@builderHint\` as *selection guidance over the live list* ("prefer the GPT-5.4 family", "prefer the most recent Sonnet") rather than as the source of the value itself. When no credential is attached, fall back to \`@default\`. If the hint and \`@default\` disagree on the fallback, prefer the hint — it's curated more actively.
Do not guess method names for \`explore-resources\`, and do not fill parameter values in from memory, even when the node or parameter feels familiar. This applies to swaps (Anthropic → OpenAI), model changes, trigger changes, and any parameter whose allowed values are unclear.
Steps:
- Read the current code with \`read_file\`
- Edit using \`edit_file\` for targeted changes or \`write_file\` for full rewrites (always use absolute paths)
- Run tsc submit-workflow with the \`workflowId\`
- Do NOT call \`workflows(action="get-as-code")\` — the file is already populated
${SDK_RULES_AND_PATTERNS_SANDBOX}
`;
}
// ── Patch-mode builder prompt ────────────────────────────────────────────────

2160
packages/@n8n/instance-ai/src/tools/orchestration/build-workflow-agent.tool.ts
View File

File diff suppressed because it is too large Load Diff

208
packages/@n8n/instance-ai/src/tools/orchestration/builder-memory-compaction.ts
View File

@ -1,208 +0,0 @@
import type { AgentDbMessage, BuiltMemory } from '@n8n/agents';
import { randomUUID } from 'node:crypto';
import type { WorkflowBuildOutcome } from '../../workflow-loop';
const BUILDER_MEMORY_SUMMARY_TYPE = 'builder-memory-summary';
interface BuilderMemoryBinding {
resource: string;
thread: string;
}
interface BuilderMemoryCompactionContext {
memory?: BuiltMemory;
messageGroupId?: string;
}
interface BuilderMemoryCompactionInput {
context: BuilderMemoryCompactionContext;
binding: BuilderMemoryBinding;
sessionId?: string;
workflowId?: string;
workItemId: string;
sourceFilePath: string;
nodeSummaries?: Array<{ name: string; type: string }>;
triggerNodes?: Array<{ nodeName: string; nodeType: string }>;
mockedNodeNames?: string[];
mockedCredentialTypes?: string[];
mockedCredentialsByNode?: Record<string, string[]>;
verification?: WorkflowBuildOutcome['verification'];
lastRequestedChange: string;
finalBuilderResult: string;
}
export interface BuilderMemoryCompactionResult {
compacted: boolean;
skippedReason?: string;
rawMessageCount: number;
compactedMessageCount: number;
rawTokenEstimate: number;
compactedTokenEstimate: number;
}
function estimateTokens(value: string): number {
return Math.ceil(value.length / 4);
}
function stringifyForTokens(value: unknown): string {
if (typeof value === 'string') return value;
try {
return JSON.stringify(value) ?? String(value);
} catch {
return String(value);
}
}
function stringifyMessageForTokens(message: AgentDbMessage): string {
return stringifyForTokens('content' in message ? message.content : message.data);
}
function formatList(label: string, values: string[] | undefined): string {
if (!values?.length) return `${label}: none`;
return `${label}: ${values.join(', ')}`;
}
function buildSummaryContent(input: BuilderMemoryCompactionInput): string {
const lines = [
'<builder-memory-summary>',
`Workflow ID: ${input.workflowId ?? 'unknown'}`,
`Work item ID: ${input.workItemId}`,
`Source file path: ${input.sourceFilePath}`,
'',
'<last-requested-change>',
input.lastRequestedChange,
'</last-requested-change>',
'',
'<workflow-nodes>',
];
if (input.nodeSummaries?.length) {
for (const node of input.nodeSummaries) {
lines.push(`- ${node.name}: ${node.type}`);
}
} else {
lines.push('- unknown');
}
lines.push(
'</workflow-nodes>',
'',
'<trigger-nodes>',
...(input.triggerNodes?.length
? input.triggerNodes.map((node) => `- ${node.nodeName}: ${node.nodeType}`)
: ['- none recorded']),
'</trigger-nodes>',
'',
'<mocked-credentials>',
formatList('Mocked nodes', input.mockedNodeNames),
formatList('Mocked credential types', input.mockedCredentialTypes),
);
if (input.mockedCredentialsByNode && Object.keys(input.mockedCredentialsByNode).length > 0) {
lines.push('Mocked credentials by node:');
for (const [nodeName, credentialTypes] of Object.entries(input.mockedCredentialsByNode)) {
lines.push(`- ${nodeName}: ${credentialTypes.join(', ')}`);
}
} else {
lines.push('Mocked credentials by node: none');
}
lines.push('</mocked-credentials>', '', '<verification-state>');
if (input.verification?.attempted) {
lines.push(
'Attempted: true',
`Success: ${input.verification.success}`,
`Execution ID: ${input.verification.executionId ?? 'unknown'}`,
`Status: ${input.verification.status ?? 'unknown'}`,
`Failure signature: ${input.verification.failureSignature ?? 'none'}`,
formatList('Nodes executed', input.verification.evidence?.nodesExecuted),
`Error message: ${input.verification.evidence?.errorMessage ?? 'none'}`,
);
} else {
lines.push('Attempted: false');
}
lines.push(
'</verification-state>',
'',
'<final-builder-result>',
input.finalBuilderResult,
'</final-builder-result>',
'</builder-memory-summary>',
);
return lines.join('\n');
}
function buildSummaryMessage(input: BuilderMemoryCompactionInput, content: string): AgentDbMessage {
return {
id: `${BUILDER_MEMORY_SUMMARY_TYPE}-${randomUUID()}`,
createdAt: new Date(),
role: 'assistant',
type: 'llm',
content: [
{
type: 'text',
text: content,
providerMetadata: {
instanceAi: {
messageType: BUILDER_MEMORY_SUMMARY_TYPE,
sessionId: input.sessionId,
messageGroupId: input.context.messageGroupId,
},
},
},
],
providerOptions: {
instanceAi: {
instanceAiBuilderMemorySummary: true,
workflowId: input.workflowId,
workItemId: input.workItemId,
sourceFilePath: input.sourceFilePath,
},
},
};
}
export async function compactBuilderMemoryThread(
input: BuilderMemoryCompactionInput,
): Promise<BuilderMemoryCompactionResult> {
const { memory } = input.context;
if (!memory) {
return {
compacted: false,
skippedReason: 'store_unavailable',
rawMessageCount: 0,
compactedMessageCount: 0,
rawTokenEstimate: 0,
compactedTokenEstimate: 0,
};
}
const messages = await memory.getMessages(input.binding.thread);
const rawTokenEstimate = messages.reduce(
(total, message) => total + estimateTokens(stringifyMessageForTokens(message)),
0,
);
const summary = buildSummaryContent(input);
const compactedTokenEstimate = estimateTokens(summary);
const oldMessageIds = messages.map((message) => message.id);
const summaryMessage = buildSummaryMessage(input, summary);
await memory.saveThread({ id: input.binding.thread, resourceId: input.binding.resource });
await memory.saveMessages({
threadId: input.binding.thread,
resourceId: input.binding.resource,
messages: [summaryMessage],
});
await memory.deleteMessages(oldMessageIds);
return {
compacted: true,
rawMessageCount: messages.length,
compactedMessageCount: 1,
rawTokenEstimate,
compactedTokenEstimate,
};
}

80
packages/@n8n/instance-ai/src/tools/orchestration/complete-checkpoint.tool.ts
View File

@ -13,6 +13,7 @@ import { Tool } from '@n8n/agents';
import { z } from 'zod';
import type { OrchestrationContext } from '../../types';
import { analyzeWorkflow } from '../workflows/setup-workflow.service';
const inputSchema = z.object({
taskId: z.string().describe('The checkpoint task ID from the <planned-task-follow-up> payload'),
@ -35,6 +36,80 @@ const outputSchema = z.object({
ok: z.boolean(),
});
function isRecord(value: unknown): value is Record<string, unknown> {
return typeof value === 'object' && value !== null && !Array.isArray(value);
}
function requiresWorkflowSetup(outcome: Record<string, unknown> | undefined): boolean {
const setupRequirement = outcome?.setupRequirement;
return isRecord(setupRequirement) && setupRequirement.status === 'required';
}
function getWorkflowId(outcome: Record<string, unknown> | undefined): string | undefined {
const workflowId = outcome?.workflowId;
return typeof workflowId === 'string' && workflowId.length > 0 ? workflowId : undefined;
}
async function rejectIfSetupStillRequired(
context: OrchestrationContext,
checkpointTaskId: string,
): Promise<{ ok: true } | { ok: false; result: string }> {
const graph = await context.plannedTaskService?.getGraph(context.threadId);
if (!graph) return { ok: true };
const checkpoint = graph.tasks.find((task) => task.id === checkpointTaskId);
if (!checkpoint || checkpoint.kind !== 'checkpoint') return { ok: true };
if (checkpoint.status !== 'running') return { ok: true };
const dependentWorkflowIds = graph.tasks
.filter((task) => checkpoint.deps.includes(task.id))
.filter((task) => task.kind === 'build-workflow' && requiresWorkflowSetup(task.outcome))
.map((task) => getWorkflowId(task.outcome))
.filter((workflowId): workflowId is string => workflowId !== undefined);
if (dependentWorkflowIds.length === 0) return { ok: true };
const domainContext = context.domainContext;
if (!domainContext) {
return {
ok: false,
result:
'Error: checkpoint cannot be completed yet because workflow setup is still required, ' +
'but the workflow context is unavailable. Call workflows(action="setup") before complete-checkpoint.',
};
}
for (const workflowId of dependentWorkflowIds) {
try {
const setupRequests = await analyzeWorkflow(domainContext, workflowId);
const pendingRequests = setupRequests.filter((request) => request.needsAction);
if (pendingRequests.length > 0) {
const nodeNames = pendingRequests
.map((request) => request.node.name)
.filter((name): name is string => typeof name === 'string' && name.length > 0);
const suffix = nodeNames.length > 0 ? ` Pending setup nodes: ${nodeNames.join(', ')}.` : '';
return {
ok: false,
result:
`Error: workflow setup is still required for workflow "${workflowId}". ` +
`Call workflows(action="setup", workflowId="${workflowId}") before complete-checkpoint.` +
suffix,
};
}
} catch (error) {
return {
ok: false,
result:
`Error: workflow setup could not be checked for workflow "${workflowId}": ` +
`${error instanceof Error ? error.message : String(error)}. ` +
`Call workflows(action="setup", workflowId="${workflowId}") before complete-checkpoint.`,
};
}
}
return { ok: true };
}
export function createCompleteCheckpointTool(context: OrchestrationContext) {
return new Tool('complete-checkpoint')
.description(
@ -50,6 +125,11 @@ export function createCompleteCheckpointTool(context: OrchestrationContext) {
return { ok: false, result: 'Error: planned task service not available.' };
}
if (input.status === 'succeeded') {
const setupGuard = await rejectIfSetupStillRequired(context, input.taskId);
if (!setupGuard.ok) return setupGuard;
}
const settleResult =
input.status === 'succeeded'
? await context.plannedTaskService.markCheckpointSucceeded(

2
packages/@n8n/instance-ai/src/tools/orchestration/plan-agent-prompt.ts
View File

@ -80,7 +80,7 @@ ${NATIVE_NODE_PREFERENCE}
- **Each item's \`purpose\` describes only that item.** Do not reference work handled by other plan items — each agent only sees its own spec, and cross-task context causes scope creep.
- **Workflow verification is mandatory.** For **every** \`workflow\` item you add, also add a \`checkpoint\` item whose \`dependsOn\` includes that workflow's ID. Checkpoints are orchestrator-executed — the orchestrator runs them itself using its own tools, they are not delegated.
- \`title\`: a user-readable verification goal, e.g. \`"Verify 'Daily API Email' workflow runs successfully"\`.
- \`instructions\`: detailed steps the orchestrator must execute. Prefer \`verify-built-workflow\` with the work item ID from the build outcome — it uses pin data captured at build time, so it works even for event-triggered workflows (webhook, form, chat, mcp). For workflows with real credentials and a testable trigger (manual, schedule), \`executions(action="run")\` is acceptable. State the pass condition in plain terms (e.g. "run completes without errors and produces at least one output row").
- \`instructions\`: detailed steps the orchestrator must execute. Use \`verify-built-workflow\` with the work item ID from the build outcome — it uses pin data captured at build time, so it works even for event-triggered workflows (webhook, form, chat, mcp). Do not put \`executions(action="run")\` in checkpoint instructions; if the user explicitly asked to run or execute the workflow after building, the synthesize follow-up handles that as a separate approval-gated run. State the pass condition in plain terms (e.g. "run completes without errors and produces at least one output row").
- Do NOT list \`tools\` on a checkpoint — it is not a delegate task.
- Do NOT emit a checkpoint for a \`delegate\` item. Checkpoints are for workflows only.
- **Always call \`submit-plan\` after the last \`add-plan-item\`.** On rejection, be surgical — change only what the user asked for. Never fabricate node names; search first if unsure.`;

6
packages/@n8n/instance-ai/src/tools/orchestration/plan.tool.ts
View File

@ -46,6 +46,11 @@ function isReplanContext(context: OrchestrationContext): boolean {
return context.isReplanFollowUp === true;
}
function textRequestsPostBuildRun(text: string | undefined): boolean {
const normalized = text?.toLowerCase().replace(/\s+/g, ' ') ?? '';
return /\b(build|create|make)\b.{0,120}\b(then|and)\s+(run|execute|test)\b/.test(normalized);
}
/**
* Returns true when the thread has a non-terminal planned-task graph meaning
* `create-tasks` is being called as a revision (after user rejection of a
@ -196,6 +201,7 @@ export function createPlanTool(context: OrchestrationContext) {
{
planRunId: context.runId,
messageGroupId: context.messageGroupId,
postBuildRunApprovalRequired: textRequestsPostBuildRun(context.currentUserMessage),
},
);
} catch (error) {

6
packages/@n8n/instance-ai/src/tools/orchestration/submit-plan.tool.ts
View File

@ -16,6 +16,11 @@ import { publishPlanUpdate } from './add-plan-item.tool';
import type { BlueprintAccumulator } from './blueprint-accumulator';
import type { OrchestrationContext, PlannedTask } from '../../types';
function textRequestsPostBuildRun(text: string | undefined): boolean {
const normalized = text?.toLowerCase().replace(/\s+/g, ' ') ?? '';
return /\b(build|create|make)\b.{0,120}\b(then|and)\s+(run|execute|test)\b/.test(normalized);
}
export function createSubmitPlanTool(
accumulator: BlueprintAccumulator,
context: OrchestrationContext,
@ -106,6 +111,7 @@ export function createSubmitPlanTool(
{
planRunId: context.runId,
messageGroupId: context.messageGroupId,
postBuildRunApprovalRequired: textRequestsPostBuildRun(context.currentUserMessage),
},
);

5
packages/@n8n/instance-ai/src/tools/tool-ids.ts
View File

@ -20,7 +20,6 @@ export const ORCHESTRATION_TOOL_IDS = {
CREATE_TASKS: 'create-tasks',
TASK_CONTROL: 'task-control',
DELEGATE: 'delegate',
BUILD_WORKFLOW_WITH_AGENT: 'build-workflow-with-agent',
EVAL_SETUP_WITH_AGENT: 'eval-setup-with-agent',
EVAL_DATA: 'eval-data',
COMPLETE_CHECKPOINT: 'complete-checkpoint',
@ -47,9 +46,11 @@ export const ALWAYS_LOADED_TOOL_NAMES = new Set<string>([
DOMAIN_TOOL_IDS.ASK_USER,
DOMAIN_TOOL_IDS.CREDENTIALS,
DOMAIN_TOOL_IDS.WORKFLOWS,
DOMAIN_TOOL_IDS.EXECUTIONS,
DOMAIN_TOOL_IDS.DATA_TABLES,
DOMAIN_TOOL_IDS.PARSE_FILE,
ORCHESTRATION_TOOL_IDS.BUILD_WORKFLOW_WITH_AGENT,
DOMAIN_TOOL_IDS.BUILD_WORKFLOW,
DOMAIN_TOOL_IDS.NODES,
ORCHESTRATION_TOOL_IDS.VERIFY_BUILT_WORKFLOW,
DOMAIN_TOOL_IDS.RESEARCH,
DOMAIN_TOOL_IDS.EVALS,

440
packages/@n8n/instance-ai/src/tools/workflows/__tests__/build-workflow.tool.test.ts Normal file
View File

@ -0,0 +1,440 @@
import { UserError } from 'n8n-workflow';
import { executeTool } from '../../../__tests__/tool-test-utils';
import type { InstanceAiContext } from '../../../types';
import type { WorkflowBuildOutcome } from '../../../workflow-loop/workflow-loop-state';
import { createBuildWorkflowTool } from '../build-workflow.tool';
import { resolveCredentials } from '../resolve-credentials';
import { stripStaleCredentialsFromWorkflow } from '../setup-workflow.service';
import { ensureWebhookIds } from '../submit-workflow.tool';
jest.mock('../../../workflow-builder', () => ({
parseAndValidate: jest.fn(() => ({
workflow: {
name: 'Generated workflow',
nodes: [{ name: 'Webhook', type: 'n8n-nodes-base.webhook', parameters: {} }],
connections: {},
},
warnings: [],
})),
partitionWarnings: jest.fn((warnings: unknown[]) => ({ errors: [], informational: warnings })),
}));
jest.mock('../resolve-credentials', () => ({
buildCredentialMap: jest.fn(async () => await Promise.resolve(new Map())),
resolveCredentials: jest.fn(
async () =>
await Promise.resolve({
mockedNodeNames: [],
mockedCredentialTypes: [],
mockedCredentialsByNode: {},
verificationPinData: {},
usesWorkflowPinDataForVerification: false,
}),
),
}));
jest.mock('../setup-workflow.service', () => ({
stripStaleCredentialsFromWorkflow: jest.fn(async () => await Promise.resolve()),
}));
jest.mock('../submit-workflow.tool', () => ({
ensureWebhookIds: jest.fn(async () => await Promise.resolve()),
}));
describe('createBuildWorkflowTool', () => {
const originalBuildViaPlanGuard = process.env.N8N_INSTANCE_AI_ENFORCE_BUILD_VIA_PLAN;
const restoreBuildViaPlanGuard = () => {
if (originalBuildViaPlanGuard === undefined) {
delete process.env.N8N_INSTANCE_AI_ENFORCE_BUILD_VIA_PLAN;
} else {
process.env.N8N_INSTANCE_AI_ENFORCE_BUILD_VIA_PLAN = originalBuildViaPlanGuard;
}
};
beforeEach(() => {
jest.clearAllMocks();
restoreBuildViaPlanGuard();
});
afterEach(() => {
restoreBuildViaPlanGuard();
});
it('rejects new workflow builds outside a planned or post-plan follow-up', async () => {
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
createFromWorkflowJSON: jest.fn(),
clearAiTemporary: jest.fn(),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
permissions: { createWorkflow: 'always_allow' },
logger: { warn: jest.fn() },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
const result = await executeTool(tool, { code: 'workflow code' });
expect(result).toMatchObject({
success: false,
errors: [
'New workflow builds must be planned first: call `plan` so the user can approve the build plan before saving.',
],
});
expect(context.workflowService.createFromWorkflowJSON).not.toHaveBeenCalled();
});
it('aborts after repeated new workflow build plan-guard rejections', async () => {
const warn = jest.fn();
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
createFromWorkflowJSON: jest.fn(),
clearAiTemporary: jest.fn(),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
permissions: { createWorkflow: 'always_allow' },
logger: { warn },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
await expect(executeTool(tool, { code: 'workflow code' })).resolves.toMatchObject({
success: false,
});
await expect(executeTool(tool, { code: 'workflow code' })).resolves.toMatchObject({
success: false,
});
await expect(executeTool(tool, { code: 'workflow code' })).rejects.toBeInstanceOf(UserError);
expect(context.workflowService.createFromWorkflowJSON).not.toHaveBeenCalled();
expect(warn).toHaveBeenCalledWith(
'build-workflow plan-guard rejection limit reached — aborting run',
expect.objectContaining({ rejectionCount: 3 }),
);
});
it('honors the build-via-plan guard escape hatch', async () => {
process.env.N8N_INSTANCE_AI_ENFORCE_BUILD_VIA_PLAN = 'false';
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
createFromWorkflowJSON: jest.fn(async () => await Promise.resolve({ id: 'wf-1' })),
clearAiTemporary: jest.fn(async () => await Promise.resolve()),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
permissions: { createWorkflow: 'always_allow' },
logger: { warn: jest.fn() },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
const result = await executeTool(tool, { code: 'workflow code' });
expect(result).toMatchObject({
success: true,
workflowId: 'wf-1',
});
expect(context.workflowService.createFromWorkflowJSON).toHaveBeenCalledWith(
expect.objectContaining({ name: 'Generated workflow' }),
{ markAsAiTemporary: true },
);
expect(context.workflowService.clearAiTemporary).toHaveBeenCalledWith('wf-1');
});
it('allows new workflow builds during post-plan follow-up repairs', async () => {
const reportBuildOutcome = jest.fn(
async () => await Promise.resolve({ type: 'verify' as const, workflowId: 'wf-1' }),
);
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
createFromWorkflowJSON: jest.fn(async () => await Promise.resolve({ id: 'wf-1' })),
clearAiTemporary: jest.fn(async () => await Promise.resolve()),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
workflowBuildContext: {
threadId: 'thread-1',
runId: 'run-1',
taskId: 'task-1',
workItemId: 'wi-1',
allowPostPlanWorkflowCreate: true,
workflowTaskService: {
reportBuildOutcome,
},
},
permissions: { createWorkflow: 'always_allow' },
logger: { warn: jest.fn() },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
const result = await executeTool(tool, { code: 'workflow code' });
expect(result).toMatchObject({
success: true,
workflowId: 'wf-1',
workItemId: 'wi-1',
});
expect(context.workflowService.createFromWorkflowJSON).toHaveBeenCalledWith(
expect.objectContaining({ name: 'Generated workflow' }),
{ markAsAiTemporary: true },
);
expect(context.workflowService.clearAiTemporary).toHaveBeenCalledWith('wf-1');
expect(reportBuildOutcome).toHaveBeenCalledWith(
expect.objectContaining<Partial<WorkflowBuildOutcome>>({
workItemId: 'wi-1',
workflowId: 'wf-1',
submitted: true,
}),
);
});
it('updates existing workflows during post-plan follow-ups without redundant approval', async () => {
const reportBuildOutcome = jest.fn(
async () => await Promise.resolve({ type: 'verify' as const, workflowId: 'wf-1' }),
);
const suspend = jest.fn();
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
updateFromWorkflowJSON: jest.fn(async () => await Promise.resolve({ id: 'wf-1' })),
clearAiTemporary: jest.fn(async () => await Promise.resolve()),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
workflowBuildContext: {
threadId: 'thread-1',
runId: 'run-1',
taskId: 'task-1',
workItemId: 'wi-1',
allowPostPlanWorkflowCreate: true,
workflowTaskService: {
reportBuildOutcome,
},
},
permissions: { updateWorkflow: 'ask' },
logger: { warn: jest.fn() },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
const result = await executeTool(
tool,
{ workflowId: 'wf-1', code: 'workflow code' },
{ suspend },
);
expect(result).toMatchObject({
success: true,
workflowId: 'wf-1',
workItemId: 'wi-1',
});
expect(suspend).not.toHaveBeenCalled();
expect(context.workflowService.updateFromWorkflowJSON).toHaveBeenCalledWith(
'wf-1',
expect.objectContaining({ name: 'Generated workflow' }),
undefined,
);
expect(reportBuildOutcome).toHaveBeenCalledWith(
expect.objectContaining<Partial<WorkflowBuildOutcome>>({
workItemId: 'wi-1',
workflowId: 'wf-1',
submitted: true,
}),
);
});
it('does not finalize the planned task when saving a supporting workflow', async () => {
const reportBuildOutcome = jest.fn<
Promise<{ type: 'verify'; workflowId: string }>,
[WorkflowBuildOutcome]
>(async () => await Promise.resolve({ type: 'verify', workflowId: 'wf-support' }));
const markSucceeded = jest.fn(async () => await Promise.resolve(null));
const onBuildOutcome = jest.fn();
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
createFromWorkflowJSON: jest.fn(async () => await Promise.resolve({ id: 'wf-support' })),
clearAiTemporary: jest.fn(async () => await Promise.resolve()),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
workflowBuildContext: {
threadId: 'thread-1',
runId: 'run-1',
taskId: 'task-1',
workItemId: 'wi-main',
plannedTaskService: {
markSucceeded,
},
workflowTaskService: {
reportBuildOutcome,
},
onBuildOutcome,
},
permissions: { createWorkflow: 'always_allow' },
logger: { warn: jest.fn() },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
const result = await executeTool(tool, {
code: 'workflow code',
isSupportingWorkflow: true,
});
const supportingWorkItemId = result.workItemId;
expect(result).toMatchObject({
success: true,
workflowId: 'wf-support',
isSupportingWorkflow: true,
});
expect(typeof supportingWorkItemId).toBe('string');
expect(supportingWorkItemId).not.toBe('wi-main');
expect(context.workflowService.clearAiTemporary).toHaveBeenCalledWith('wf-support');
expect(onBuildOutcome).not.toHaveBeenCalled();
expect(markSucceeded).not.toHaveBeenCalled();
const reportedOutcome = reportBuildOutcome.mock.calls[0]?.[0];
expect(reportedOutcome).toMatchObject({
workItemId: supportingWorkItemId,
workflowId: 'wf-support',
submitted: true,
});
expect(reportedOutcome?.taskId).toEqual(expect.stringMatching(/^task-1:supporting-/));
});
it('reports a workflow-loop outcome when saving succeeds', async () => {
const reportBuildOutcome = jest.fn(
async () => await Promise.resolve({ type: 'verify' as const, workflowId: 'wf-1' }),
);
const markSucceeded = jest.fn<
Promise<null>,
[string, string, { result?: string; outcome?: WorkflowBuildOutcome }]
>(async () => await Promise.resolve(null));
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
createFromWorkflowJSON: jest.fn(async () => await Promise.resolve({ id: 'wf-1' })),
clearAiTemporary: jest.fn(async () => await Promise.resolve()),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
workflowBuildContext: {
threadId: 'thread-1',
runId: 'run-1',
taskId: 'task-1',
workItemId: 'wi-1',
workflowTaskService: {
reportBuildOutcome,
},
plannedTaskService: {
markSucceeded,
},
},
permissions: { createWorkflow: 'always_allow' },
logger: { warn: jest.fn() },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
const result = await executeTool(tool, { code: 'workflow code' });
expect(context.workflowService.createFromWorkflowJSON).toHaveBeenCalledWith(
expect.objectContaining({ name: 'Generated workflow' }),
{ markAsAiTemporary: true },
);
expect(resolveCredentials).toHaveBeenCalled();
expect(stripStaleCredentialsFromWorkflow).toHaveBeenCalled();
expect(ensureWebhookIds).toHaveBeenCalled();
expect(context.workflowService.clearAiTemporary).toHaveBeenCalledWith('wf-1');
expect(result).toMatchObject({
success: true,
workflowId: 'wf-1',
workItemId: 'wi-1',
verificationReadiness: { status: 'ready' },
setupRequirement: { status: 'not_required' },
triggerNodes: [{ nodeName: 'Webhook', nodeType: 'n8n-nodes-base.webhook' }],
});
expect(reportBuildOutcome).toHaveBeenCalledWith(
expect.objectContaining<Partial<WorkflowBuildOutcome>>({
workItemId: 'wi-1',
runId: 'run-1',
taskId: 'task-1',
workflowId: 'wf-1',
submitted: true,
verificationReadiness: { status: 'ready' },
setupRequirement: { status: 'not_required' },
}),
);
expect(markSucceeded).toHaveBeenCalledWith('thread-1', 'task-1', expect.any(Object));
const succeededUpdate = markSucceeded.mock.calls[0]?.[2];
expect(succeededUpdate?.result).toBe('Created workflow "Generated workflow" (wf-1).');
expect(succeededUpdate?.outcome).toMatchObject({ workItemId: 'wi-1', workflowId: 'wf-1' });
});
it('keeps the build successful when main workflow promotion fails', async () => {
const warn = jest.fn();
const context = {
userId: 'user-1',
runId: 'run-1',
workflowService: {
createFromWorkflowJSON: jest.fn(async () => await Promise.resolve({ id: 'wf-1' })),
clearAiTemporary: jest.fn(async () => {
await Promise.resolve();
throw new Error('temporary marker cleanup failed');
}),
},
credentialService: {},
nodeService: {},
dataTableService: {},
executionService: {},
workflowBuildContext: {
threadId: 'thread-1',
runId: 'run-1',
taskId: 'task-1',
workItemId: 'wi-1',
workflowTaskService: {
reportBuildOutcome: jest.fn(
async () => await Promise.resolve({ type: 'verify' as const, workflowId: 'wf-1' }),
),
},
plannedTaskService: {
markSucceeded: jest.fn(async () => await Promise.resolve(null)),
},
},
permissions: { createWorkflow: 'always_allow' },
logger: { warn },
} as unknown as InstanceAiContext;
const tool = createBuildWorkflowTool(context);
const result = await executeTool(tool, { code: 'workflow code' });
expect(result).toMatchObject({ success: true, workflowId: 'wf-1' });
expect(context.workflowService.clearAiTemporary).toHaveBeenCalledWith('wf-1');
expect(warn).toHaveBeenCalledWith(
'Failed to clear AI-builder temporary marker on main workflow wf-1: temporary marker cleanup failed',
);
});
});

478
packages/@n8n/instance-ai/src/tools/workflows/build-workflow.tool.ts
View File

@ -1,20 +1,50 @@
import { Tool } from '@n8n/agents';
import { instanceAiConfirmationSeveritySchema } from '@n8n/api-types';
import { hasPlaceholderDeep } from '@n8n/utils';
import { generateWorkflowCode } from '@n8n/workflow-sdk';
import { UserError } from 'n8n-workflow';
import { nanoid } from 'nanoid';
import { z } from 'zod';
import { buildCredentialMap, resolveCredentials } from './resolve-credentials';
import { stripStaleCredentialsFromWorkflow } from './setup-workflow.service';
import { ensureWebhookIds } from './submit-workflow.tool';
import {
getReferencedWorkflowIds,
isMockableTriggerNodeType,
isTriggerNodeType,
} from './workflow-json-utils';
import type { InstanceAiContext } from '../../types';
import { parseAndValidate, partitionWarnings } from '../../workflow-builder';
import { extractWorkflowCode } from '../../workflow-builder/extract-code';
import { applyPatches } from '../../workflow-builder/patch-code';
import { createRemediation } from '../../workflow-loop/remediation';
import type {
WorkflowBuildOutcome,
WorkflowSetupRequirement,
WorkflowVerificationReadiness,
} from '../../workflow-loop/workflow-loop-state';
const patchSchema = z.object({
old_str: z.string().describe('Exact string to find in the code'),
new_str: z.string().describe('Replacement string'),
});
const confirmationSuspendSchema = z.object({
requestId: z.string(),
message: z.string(),
severity: instanceAiConfirmationSeveritySchema,
});
const confirmationResumeSchema = z.object({
approved: z.boolean(),
});
interface BuildCtx {
resumeData?: z.infer<typeof confirmationResumeSchema>;
suspend?: (payload: z.infer<typeof confirmationSuspendSchema>) => Promise<never>;
}
// Coerce JSON-stringified arrays into arrays. The model sometimes sends `patches`
// as a JSON string because the payload contains escaped code. Leave non-strings
// untouched so Zod can validate them normally.
@ -45,12 +75,287 @@ export const buildWorkflowInputSchema = z.object({
.optional()
.describe('Project ID to create the workflow in. Defaults to personal project.'),
name: z.string().optional().describe('Workflow name (required for new workflows)'),
workItemId: z
.string()
.optional()
.describe(
'Existing workflow-loop work item ID when patching a workflow from verification guidance.',
),
isSupportingWorkflow: z
.boolean()
.optional()
.describe(
'Set true when saving a supporting sub-workflow that will be referenced by the main workflow. ' +
'Supporting workflows are saved and can be verified, but do not complete the planned build task.',
),
});
const triggerNodeOutputSchema = z.object({
nodeName: z.string(),
nodeType: z.string(),
});
const verificationReadinessOutputSchema = z.discriminatedUnion('status', [
z.object({ status: z.literal('ready') }),
z.object({ status: z.literal('already_verified') }),
z.object({
status: z.literal('needs_setup'),
reason: z.enum([
'unresolved-placeholders',
'missing-mocked-credential-pin-data',
'workflow-needs-setup',
]),
guidance: z.string(),
}),
z.object({
status: z.literal('not_verifiable'),
reason: z.enum(['not-submitted', 'missing-workflow-id', 'non-mockable-trigger']),
guidance: z.string(),
}),
]);
const setupRequirementOutputSchema = z.discriminatedUnion('status', [
z.object({ status: z.literal('not_required') }),
z.object({
status: z.literal('required'),
reason: z.enum(['mocked-credentials', 'unresolved-placeholders', 'workflow-needs-setup']),
guidance: z.string(),
}),
]);
function hasMockedCredentials(
outcome: Pick<WorkflowBuildOutcome, 'mockedCredentialTypes' | 'mockedCredentialsByNode'>,
): boolean {
return (
(outcome.mockedCredentialTypes?.length ?? 0) > 0 ||
Object.keys(outcome.mockedCredentialsByNode ?? {}).length > 0
);
}
function hasCredentialVerificationData(
outcome: Pick<WorkflowBuildOutcome, 'verificationPinData' | 'usesWorkflowPinDataForVerification'>,
): boolean {
return (
Object.keys(outcome.verificationPinData ?? {}).length > 0 ||
outcome.usesWorkflowPinDataForVerification === true
);
}
function determineVerificationReadiness(
outcome: Pick<
WorkflowBuildOutcome,
| 'submitted'
| 'workflowId'
| 'triggerNodes'
| 'mockedCredentialTypes'
| 'mockedCredentialsByNode'
| 'verificationPinData'
| 'usesWorkflowPinDataForVerification'
| 'hasUnresolvedPlaceholders'
>,
): WorkflowVerificationReadiness {
if (!outcome.submitted) {
return {
status: 'not_verifiable',
reason: 'not-submitted',
guidance: 'The build did not submit a workflow, so there is nothing to verify.',
};
}
if (!outcome.workflowId) {
return {
status: 'not_verifiable',
reason: 'missing-workflow-id',
guidance: 'The build outcome does not include a workflow ID.',
};
}
if (outcome.hasUnresolvedPlaceholders) {
return {
status: 'needs_setup',
reason: 'unresolved-placeholders',
guidance: 'Route the workflow through setup before verification.',
};
}
if (hasMockedCredentials(outcome) && !hasCredentialVerificationData(outcome)) {
return {
status: 'needs_setup',
reason: 'missing-mocked-credential-pin-data',
guidance: 'Route the workflow through setup because mocked credentials cannot be verified.',
};
}
if (!outcome.triggerNodes?.some((node) => isMockableTriggerNodeType(node.nodeType))) {
return {
status: 'not_verifiable',
reason: 'non-mockable-trigger',
guidance: 'The workflow does not have a trigger the post-build verifier can exercise.',
};
}
return { status: 'ready' };
}
function determineSetupRequirement(
outcome: Pick<
WorkflowBuildOutcome,
| 'submitted'
| 'workflowId'
| 'mockedCredentialTypes'
| 'mockedCredentialsByNode'
| 'hasUnresolvedPlaceholders'
>,
): WorkflowSetupRequirement {
if (!outcome.submitted || !outcome.workflowId) {
return { status: 'not_required' };
}
if (outcome.hasUnresolvedPlaceholders) {
return {
status: 'required',
reason: 'unresolved-placeholders',
guidance: 'Route the workflow through setup so the user can fill unresolved values.',
};
}
if (hasMockedCredentials(outcome)) {
return {
status: 'required',
reason: 'mocked-credentials',
guidance: 'Route the workflow through setup so the user can add real credentials.',
};
}
return { status: 'not_required' };
}
function withDeterministicRouting(
outcome: Omit<WorkflowBuildOutcome, 'verificationReadiness' | 'setupRequirement'>,
): WorkflowBuildOutcome {
return {
...outcome,
verificationReadiness: determineVerificationReadiness(outcome),
setupRequirement: determineSetupRequirement(outcome),
};
}
function isApprovedBuildContext(context: InstanceAiContext): boolean {
const buildContext = context.workflowBuildContext;
return Boolean(buildContext?.plannedTaskService ?? buildContext?.allowPostPlanWorkflowCreate);
}
function isBuildViaPlanGuardEnabled(): boolean {
const raw = process.env.N8N_INSTANCE_AI_ENFORCE_BUILD_VIA_PLAN;
if (raw === undefined) return true;
return raw.toLowerCase() !== 'false' && raw !== '0';
}
const PLAN_GUARD_REJECTION_LIMIT = 3;
async function resolveWorkflowName(
context: InstanceAiContext,
workflowId: string,
): Promise<string> {
try {
return (await context.workflowService.getAsWorkflowJSON(workflowId)).name || 'workflow';
} catch {
return 'workflow';
}
}
async function reportWorkflowBuildOutcome(
context: InstanceAiContext,
outcome: WorkflowBuildOutcome,
options: { storeOnRunContext?: boolean; markPlannedTaskSucceeded?: boolean } = {},
): Promise<void> {
const buildContext = context.workflowBuildContext;
if (!buildContext) return;
if (options.storeOnRunContext !== false) {
try {
await buildContext.onBuildOutcome?.(outcome);
} catch (error) {
context.logger?.warn('Failed to store workflow build outcome on run context', {
error: error instanceof Error ? error.message : String(error),
});
}
}
try {
await buildContext.workflowTaskService?.reportBuildOutcome(outcome);
} catch (error) {
context.logger?.warn('Failed to report workflow build outcome to workflow loop', {
workItemId: outcome.workItemId,
error: error instanceof Error ? error.message : String(error),
});
}
if (options.markPlannedTaskSucceeded === false) return;
try {
await buildContext.plannedTaskService?.markSucceeded(
buildContext.threadId,
buildContext.taskId,
{
result: outcome.summary,
outcome,
},
);
} catch (error) {
context.logger?.warn('Failed to mark planned workflow build task succeeded', {
taskId: buildContext.taskId,
error: error instanceof Error ? error.message : String(error),
});
}
}
// Clear the AI-builder temporary marker from the main workflow so run-finish
// cleanup only reaps scratch artifacts, not the saved deliverable.
async function promoteMainWorkflow(context: InstanceAiContext, workflowId: string): Promise<void> {
try {
await context.workflowService.clearAiTemporary(workflowId);
} catch (error) {
context.logger?.warn(
`Failed to clear AI-builder temporary marker on main workflow ${workflowId}: ${
error instanceof Error ? error.message : String(error)
}`,
);
}
}
export function createBuildWorkflowTool(context: InstanceAiContext) {
// Keeps the last code submitted (or patched) so patches work even before save,
// and always match the LLM's own code — not a roundtripped version.
let lastCode: string | null = null;
let planGuardRejectionCount = 0;
const rejectPlanGuardCall = () => {
planGuardRejectionCount++;
context.logger?.warn('build-workflow called outside plan/replan context — rejecting', {
threadId: context.workflowBuildContext?.threadId,
runId: context.runId,
rejectionCount: planGuardRejectionCount,
});
if (planGuardRejectionCount >= PLAN_GUARD_REJECTION_LIMIT) {
context.logger?.warn('build-workflow plan-guard rejection limit reached — aborting run', {
threadId: context.workflowBuildContext?.threadId,
runId: context.runId,
rejectionCount: planGuardRejectionCount,
});
throw new UserError(
'Stopped: the agent looped on `build-workflow` rejections without correcting them. Try again or rephrase the request.',
);
}
return {
success: false,
errors: [
'New workflow builds must be planned first: call `plan` so the user can approve the build plan before saving.',
],
};
};
return new Tool('build-workflow')
.description(
@ -64,17 +369,65 @@ export function createBuildWorkflowTool(context: InstanceAiContext) {
z.object({
success: z.boolean(),
workflowId: z.string().optional(),
workflowName: z.string().optional(),
workItemId: z.string().optional(),
triggerNodes: z.array(triggerNodeOutputSchema).optional(),
verificationReadiness: verificationReadinessOutputSchema.optional(),
setupRequirement: setupRequirementOutputSchema.optional(),
isSupportingWorkflow: z.boolean().optional(),
mockedNodeNames: z.array(z.string()).optional(),
mockedCredentialTypes: z.array(z.string()).optional(),
mockedCredentialsByNode: z.record(z.array(z.string())).optional(),
verificationPinData: z.record(z.array(z.record(z.unknown()))).optional(),
usesWorkflowPinDataForVerification: z.boolean().optional(),
referencedWorkflowIds: z.array(z.string()).optional(),
hasUnresolvedPlaceholders: z.boolean().optional(),
denied: z.boolean().optional(),
reason: z.string().optional(),
errors: z.array(z.string()).optional(),
warnings: z.array(z.string()).optional(),
}),
)
.handler(async (input: z.infer<typeof buildWorkflowInputSchema>) => {
.suspend(confirmationSuspendSchema)
.resume(confirmationResumeSchema)
.handler(async (input, ctx: BuildCtx) => {
const permKey = input.workflowId ? 'updateWorkflow' : 'createWorkflow';
if (context.permissions?.[permKey] === 'blocked') {
return { success: false, errors: ['Action blocked by admin'] };
}
const { code, patches, workflowId, projectId, name } = input;
if (!input.workflowId && !isApprovedBuildContext(context) && isBuildViaPlanGuardEnabled()) {
return rejectPlanGuardCall();
}
if (
input.workflowId &&
!isApprovedBuildContext(context) &&
context.permissions?.updateWorkflow !== 'always_allow'
) {
if (ctx.resumeData && !ctx.resumeData.approved) {
return {
success: false,
denied: true,
reason: 'User denied the action',
errors: ['User denied the action'],
};
}
if (!ctx.resumeData) {
if (!ctx.suspend) {
return { success: false, errors: ['Workflow edit approval is required.'] };
}
const workflowName = await resolveWorkflowName(context, input.workflowId);
return await ctx.suspend({
requestId: nanoid(),
message: `Edit ${workflowName} (ID: ${input.workflowId})?`,
severity: 'warning',
});
}
}
const { code, patches, workflowId, projectId, name, workItemId } = input;
const isSupportingWorkflow = input.isSupportingWorkflow === true;
let finalCode: string;
if (patches) {
@ -166,7 +519,7 @@ export function createBuildWorkflowTool(context: InstanceAiContext) {
// Resolve undefined/null credentials before saving.
// newCredential() produces NewCredentialImpl which serializes to undefined.
const credentialMap = await buildCredentialMap(context.credentialService);
await resolveCredentials(json, workflowId, context, credentialMap);
const mockResult = await resolveCredentials(json, workflowId, context, credentialMap);
// Strip credential entries that are no longer valid for the current
// parameters. Resolution above (and the LLM itself) can re-emit stale
@ -178,34 +531,121 @@ export function createBuildWorkflowTool(context: InstanceAiContext) {
await ensureWebhookIds(json, workflowId, context);
try {
const hasMockedCredentialNodes = mockResult.mockedNodeNames.length > 0;
const referencedWorkflowIds = getReferencedWorkflowIds(json);
const triggerNodes = (json.nodes ?? [])
.filter((n) => isTriggerNodeType(n.type))
.map((n) => ({ nodeName: n.name, nodeType: n.type }))
.filter(
(t): t is { nodeName: string; nodeType: string } =>
Boolean(t.nodeName) && Boolean(t.nodeType),
);
const hasPlaceholders = (json.nodes ?? []).some((n) => hasPlaceholderDeep(n.parameters));
const buildContext = context.workflowBuildContext;
const resolvedWorkItemId =
workItemId ??
(isSupportingWorkflow ? undefined : buildContext?.workItemId) ??
`wi_${nanoid(8)}`;
const resolvedTaskId = isSupportingWorkflow
? `${buildContext?.taskId ?? (context.runId ? `build-${context.runId}` : 'build')}:supporting-${nanoid(6)}`
: (buildContext?.taskId ??
(context.runId ? `build-${context.runId}` : `build-${nanoid(8)}`));
const createSuccessResponse = async (savedId: string) => {
const runId = buildContext?.runId ?? context.runId;
const workflowName = json.name || 'workflow';
const summary = `${workflowId ? 'Updated' : 'Created'} ${isSupportingWorkflow ? 'supporting ' : ''}workflow "${workflowName}" (${savedId}).`;
const placeholderRemediation = hasPlaceholders
? createRemediation({
category: 'needs_setup',
shouldEdit: false,
reason: 'mocked_credentials_or_placeholders',
guidance:
'Workflow submitted successfully, but unresolved setup values remain. Stop code edits and route to workflows(action="setup").',
})
: undefined;
const outcome = withDeterministicRouting({
workItemId: resolvedWorkItemId,
...(runId ? { runId } : {}),
taskId: resolvedTaskId,
workflowId: savedId,
submitted: true,
triggerType: 'manual_or_testable',
triggerNodes,
needsUserInput: hasPlaceholders,
blockingReason: placeholderRemediation?.guidance,
mockedNodeNames: hasMockedCredentialNodes ? mockResult.mockedNodeNames : undefined,
mockedCredentialTypes: hasMockedCredentialNodes
? mockResult.mockedCredentialTypes
: undefined,
mockedCredentialsByNode: hasMockedCredentialNodes
? mockResult.mockedCredentialsByNode
: undefined,
verificationPinData:
hasMockedCredentialNodes && Object.keys(mockResult.verificationPinData).length > 0
? mockResult.verificationPinData
: undefined,
usesWorkflowPinDataForVerification:
mockResult.usesWorkflowPinDataForVerification || undefined,
supportingWorkflowIds:
referencedWorkflowIds.length > 0 ? referencedWorkflowIds : undefined,
hasUnresolvedPlaceholders: hasPlaceholders || undefined,
remediation: placeholderRemediation,
summary,
});
await promoteMainWorkflow(context, savedId);
await reportWorkflowBuildOutcome(context, outcome, {
storeOnRunContext: !isSupportingWorkflow,
markPlannedTaskSucceeded: !isSupportingWorkflow,
});
return {
success: true,
workflowId: savedId,
workflowName: json.name || undefined,
workItemId: resolvedWorkItemId,
isSupportingWorkflow: isSupportingWorkflow || undefined,
triggerNodes,
verificationReadiness: outcome.verificationReadiness,
setupRequirement: outcome.setupRequirement,
mockedNodeNames: hasMockedCredentialNodes ? mockResult.mockedNodeNames : undefined,
mockedCredentialTypes: hasMockedCredentialNodes
? mockResult.mockedCredentialTypes
: undefined,
mockedCredentialsByNode: hasMockedCredentialNodes
? mockResult.mockedCredentialsByNode
: undefined,
verificationPinData:
hasMockedCredentialNodes && Object.keys(mockResult.verificationPinData).length > 0
? mockResult.verificationPinData
: undefined,
usesWorkflowPinDataForVerification:
mockResult.usesWorkflowPinDataForVerification || undefined,
referencedWorkflowIds:
referencedWorkflowIds.length > 0 ? referencedWorkflowIds : undefined,
hasUnresolvedPlaceholders: hasPlaceholders || undefined,
warnings:
informational.length > 0
? informational.map((w) => `[${w.code}]: ${w.message}`)
: undefined,
};
};
if (workflowId) {
const updated = await context.workflowService.updateFromWorkflowJSON(
workflowId,
json,
projectId ? { projectId } : undefined,
);
return {
success: true,
workflowId: updated.id,
warnings:
informational.length > 0
? informational.map((w) => `[${w.code}]: ${w.message}`)
: undefined,
};
return await createSuccessResponse(updated.id);
} else {
const created = await context.workflowService.createFromWorkflowJSON(json, {
...(projectId ? { projectId } : {}),
markAsAiTemporary: true,
});
(context.aiCreatedWorkflowIds ??= new Set<string>()).add(created.id);
return {
success: true,
workflowId: created.id,
warnings:
informational.length > 0
? informational.map((w) => `[${w.code}]: ${w.message}`)
: undefined,
};
return await createSuccessResponse(created.id);
}
} catch (error) {
return {

2
packages/@n8n/instance-ai/src/tracing/__tests__/trace-replay.test.ts
View File

@ -272,7 +272,7 @@ describe('TraceIndex', () => {
it('should scan forward for a matching tool when requested', () => {
const events: TraceEvent[] = [
makeToolCall(1, 'orchestrator', 'credentials'),
makeToolCall(2, 'orchestrator', 'build-workflow-with-agent'),
makeToolCall(2, 'orchestrator', 'build-workflow'),
makeToolCall(3, 'orchestrator', 'plan'),
];

32
packages/@n8n/instance-ai/src/types.ts
View File

@ -732,6 +732,8 @@ export interface InstanceAiContext {
* Used by checkpoint follow-up runs to scope the override to the workflows the checkpoint is
* verifying `executions(action="run")` on any other workflow still requires user approval. */
allowedRunWorkflowIds?: ReadonlySet<string>;
/** Force `executions(action="run")` through HITL even when a scoped checkpoint override exists. */
requireRunWorkflowApproval?: boolean;
/** When true, the instance is in read-only mode (source control branchReadOnly). */
branchReadOnly?: boolean;
/** When `false`, callers must avoid surfacing node parameter values (or anything derived from them
@ -768,6 +770,25 @@ export interface InstanceAiContext {
* adapter; absent in pure-package contexts where no NodeTypes instance
* is reachable. */
nodeTypesProvider?: INodeTypes;
/**
* Runtime-only workflow build loop context. The direct `build-workflow` tool
* reports build outcomes here so planned build follow-ups and verification
* tools can share the same work item without a detached builder sub-agent.
*/
workflowBuildContext?: {
threadId: string;
runId: string;
taskId: string;
workItemId: string;
/**
* True for replan/checkpoint follow-ups where an approved plan already
* exists and the builder may retry directly without creating a new plan.
*/
allowPostPlanWorkflowCreate?: boolean;
plannedTaskService?: PlannedTaskService;
workflowTaskService?: WorkflowTaskService;
onBuildOutcome?: (outcome: WorkflowBuildOutcome) => void | Promise<void>;
};
}
// ── Task storage ─────────────────────────────────────────────────────────────
@ -817,6 +838,7 @@ export type PlannedTaskGraphStatus =
export interface PlannedTaskGraph {
planRunId: string;
messageGroupId?: string;
postBuildRunApprovalRequired?: boolean;
status: PlannedTaskGraphStatus;
tasks: PlannedTaskRecord[];
}
@ -824,6 +846,7 @@ export interface PlannedTaskGraph {
export type PlannedTaskSchedulerAction =
| { type: 'none'; graph: PlannedTaskGraph | null }
| { type: 'dispatch'; graph: PlannedTaskGraph; tasks: PlannedTaskRecord[] }
| { type: 'orchestrate-build-workflow'; graph: PlannedTaskGraph; tasks: PlannedTaskRecord[] }
| { type: 'orchestrate-checkpoint'; graph: PlannedTaskGraph; tasks: PlannedTaskRecord[] }
| { type: 'replan'; graph: PlannedTaskGraph; failedTask: PlannedTaskRecord }
| { type: 'synthesize'; graph: PlannedTaskGraph };
@ -832,7 +855,11 @@ export interface PlannedTaskService {
createPlan(
threadId: string,
tasks: PlannedTask[],
metadata: { planRunId: string; messageGroupId?: string },
metadata: {
planRunId: string;
messageGroupId?: string;
postBuildRunApprovalRequired?: boolean;
},
): Promise<PlannedTaskGraph>;
getGraph(threadId: string): Promise<PlannedTaskGraph | null>;
markRunning(
@ -875,6 +902,9 @@ export interface PlannedTaskService {
* prevented its follow-up from starting. Non-destructive dependents are
* untouched and the next tick re-emits `orchestrate-checkpoint`. */
revertCheckpointToPlanned(threadId: string, taskId: string): Promise<CheckpointSettleResult>;
/** Rewind a running build-workflow task after a scheduling race prevented
* its orchestrator follow-up from starting. */
revertBuildWorkflowToPlanned(threadId: string, taskId: string): Promise<CheckpointSettleResult>;
tick(
threadId: string,
options?: { availableSlots?: number },

10
packages/@n8n/instance-ai/src/workflow-loop/__tests__/guidance.test.ts
View File

@ -224,14 +224,15 @@ describe('formatWorkflowLoopGuidance', () => {
expect(result).toContain('Node configuration is invalid after schema change');
});
it('should instruct to call build-workflow-with-agent directly with workflowId', () => {
it('should instruct to load the workflow-builder skill and call build-workflow with workflowId', () => {
const action: WorkflowLoopAction = {
type: 'rebuild',
workflowId: 'wf-rebuild-2',
failureDetails: 'Broken connections',
};
const result = formatWorkflowLoopGuidance(action);
expect(result).toContain('build-workflow-with-agent');
expect(result).toContain('workflow-builder');
expect(result).toContain('build-workflow');
expect(result).toContain('workflowId: "wf-rebuild-2"');
expect(result).toContain('no plan');
expect(result).toContain('structural repair');
@ -279,7 +280,7 @@ describe('formatWorkflowLoopGuidance', () => {
expect(result).not.toContain('Suggested fix');
});
it('should instruct to call build-workflow-with-agent directly with workflowId', () => {
it('should instruct to load the workflow-builder skill and call build-workflow with workflowId', () => {
const action: WorkflowLoopAction = {
type: 'patch',
workflowId: 'wf-patch-4',
@ -287,7 +288,8 @@ describe('formatWorkflowLoopGuidance', () => {
diagnosis: 'Condition always evaluates to true',
};
const result = formatWorkflowLoopGuidance(action);
expect(result).toContain('build-workflow-with-agent');
expect(result).toContain('workflow-builder');
expect(result).toContain('build-workflow');
expect(result).toContain('workflowId: "wf-patch-4"');
expect(result).toContain('no plan');
expect(result).toContain('targeted fix');

10
packages/@n8n/instance-ai/src/workflow-loop/guidance.ts
View File

@ -38,22 +38,24 @@ export function formatWorkflowLoopGuidance(
case 'rebuild':
return (
`REBUILD NEEDED: Workflow "${action.workflowId}" needs structural repair. ` +
`Call \`build-workflow-with-agent\` directly with \`workflowId: "${action.workflowId}"\` ` +
'Load the `workflow-builder` skill, then call `build-workflow` directly ' +
`with \`workflowId: "${action.workflowId}"\` ` +
`and \`workItemId: "${options.workItemId ?? 'unknown'}"\` ` +
'(no plan — this is a single-task rebuild; `workflowId` and `workItemId` are required ' +
'so the builder updates the existing workflow instead of creating a duplicate). ' +
`In the \`task\` parameter, describe the structural repair and include these details: ${action.failureDetails}`
`Use SDK code or a targeted patch to apply this structural repair: ${action.failureDetails}`
);
case 'patch':
return (
`PATCH NEEDED: Node "${action.failedNodeName}" in workflow ${action.workflowId} needs a targeted fix. ` +
`Diagnosis: ${action.diagnosis}. ` +
(action.patch ? `Suggested fix: ${JSON.stringify(action.patch)}. ` : '') +
`Call \`build-workflow-with-agent\` directly with \`workflowId: "${action.workflowId}"\` ` +
'Load the `workflow-builder` skill, then call `build-workflow` directly ' +
`with \`workflowId: "${action.workflowId}"\` ` +
`and \`workItemId: "${options.workItemId ?? 'unknown'}"\` ` +
'(no plan — this is a single-task patch; `workflowId` and `workItemId` are required ' +
'so the builder updates the existing workflow instead of creating a duplicate). ' +
'In the `task` parameter, describe the targeted fix to apply.'
'Use patch mode when the edit is small.'
);
}
}

2
packages/@n8n/instance-ai/src/workflow-loop/workflow-loop-state.ts
View File

@ -165,7 +165,7 @@ export const workflowBuildOutcomeSchema = z.object({
/**
* Trigger nodes in the submitted workflow. Populated on successful submits;
* absent on failed or pre-submit outcomes. The orchestrator reads `nodeType`
* to pick a `verify-built-workflow` `inputData` shape for bypassPlan builds.
* to pick a `verify-built-workflow` `inputData` shape for direct builds.
*/
triggerNodes: z.array(triggerNodeDescriptorSchema).optional(),
needsUserInput: z.boolean(),

2
packages/cli/package.json
View File

@ -23,7 +23,7 @@
"test:unit": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite jest --config=jest.config.unit.js",
"test:unit:changed": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite janitor test-scoped --runner=jest -- --config=jest.config.unit.js",
"test:integration": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite jest --config=jest.config.integration.js",
"test:integration:changed": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite janitor test-scoped --runner=jest --jest-variant=integration -- --config=jest.config.integration.js",
"test:integration:changed": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite janitor test-scoped --runner=jest --jest-variant=integration -- --config=jest.config.integration.js --passWithNoTests",
"test:dev": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite jest --watch",
"test:sqlite": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite jest --config=jest.config.integration.js --no-coverage",
"test:sqlite:migrations": "N8N_LOG_LEVEL=silent DB_SQLITE_POOL_SIZE=4 DB_TYPE=sqlite jest --config=jest.config.migration.js --no-coverage",

2
packages/cli/src/modules/instance-ai/__tests__/agent-tree-builder.test.ts
View File

@ -338,7 +338,7 @@ describe('buildAgentTreeFromEvents', () => {
type: 'tool-call',
runId: 'run-1',
agentId: 'agent-001',
payload: { toolCallId: 'tc-2', toolName: 'build-workflow-with-agent', args: {} },
payload: { toolCallId: 'tc-2', toolName: 'build-workflow', args: {} },
},
{
type: 'run-finish',

58
packages/cli/src/modules/instance-ai/__tests__/instance-ai.controller.test.ts
View File

@ -24,10 +24,6 @@ jest.mock('../eval/execution.service', () => ({
EvalExecutionService: jest.fn(),
}));
jest.mock('../eval/sub-agent-eval.service', () => ({
SubAgentEvalService: jest.fn(),
}));
import type {
InstanceAiAdminSettingsUpdateRequest,
InstanceAiSendMessageRequest,
@ -42,8 +38,6 @@ import type {
InstanceAiThreadInfo,
InstanceAiRichMessagesResponse,
InstanceAiThreadMessagesResponse,
InstanceAiEvalSubAgentRequest,
InstanceAiEvalSubAgentResponse,
} from '@n8n/api-types';
import type { ModuleRegistry } from '@n8n/backend-common';
import type { GlobalConfig } from '@n8n/config';
@ -62,7 +56,6 @@ import type { Push } from '@/push';
import type { UrlService } from '@/services/url.service';
import type { EvalExecutionService } from '../eval/execution.service';
import type { SubAgentEvalService } from '../eval/sub-agent-eval.service';
import type { InProcessEventBus } from '../event-bus/in-process-event-bus';
import type { LocalGateway } from '../filesystem/local-gateway';
import type { InstanceAiMemoryService } from '../instance-ai-memory.service';
@ -98,7 +91,6 @@ describe('InstanceAiController', () => {
port: 5678,
});
const subAgentEvalService = mock<SubAgentEvalService>();
const userRepository = mock<UserRepository>();
const credentialsService = mock<CredentialsService>();
@ -107,7 +99,6 @@ describe('InstanceAiController', () => {
memoryService,
settingsService,
mock<EvalExecutionService>(),
subAgentEvalService,
eventBus,
moduleRegistry,
push,
@ -837,55 +828,6 @@ describe('InstanceAiController', () => {
});
});
describe('runSubAgentEval', () => {
const originalNodeEnv = process.env.NODE_ENV;
const originalE2ETests = process.env.E2E_TESTS;
afterEach(() => {
process.env.NODE_ENV = originalNodeEnv;
if (originalE2ETests === undefined) {
delete process.env.E2E_TESTS;
} else {
process.env.E2E_TESTS = originalE2ETests;
}
});
it('should delegate to SubAgentEvalService.run and return the response', async () => {
process.env.NODE_ENV = 'test';
process.env.E2E_TESTS = 'true';
const payload = mock<InstanceAiEvalSubAgentRequest>({ role: 'builder', prompt: 'hi' });
const expectedResponse = mock<InstanceAiEvalSubAgentResponse>({
text: 'done',
toolCalls: [],
toolResults: [],
capturedWorkflowIds: [],
durationMs: 100,
});
subAgentEvalService.run.mockResolvedValue(expectedResponse);
const result = await controller.runSubAgentEval(req, res, payload);
expect(subAgentEvalService.run).toHaveBeenCalledWith(req.user, payload);
expect(result).toBe(expectedResponse);
});
it('should throw ForbiddenError when E2E_TESTS is not set', async () => {
process.env.NODE_ENV = 'test';
delete process.env.E2E_TESTS;
const payload = mock<InstanceAiEvalSubAgentRequest>({ role: 'builder', prompt: 'hi' });
await expect(controller.runSubAgentEval(req, res, payload)).rejects.toThrow(ForbiddenError);
});
it('should throw ForbiddenError when NODE_ENV is production', async () => {
process.env.NODE_ENV = 'production';
process.env.E2E_TESTS = 'true';
const payload = mock<InstanceAiEvalSubAgentRequest>({ role: 'builder', prompt: 'hi' });
await expect(controller.runSubAgentEval(req, res, payload)).rejects.toThrow(ForbiddenError);
});
});
describe('createGatewayLink', () => {
it('should require instanceAi:gateway scope', () => {
expect(scopeOf('createGatewayLink')).toEqual({

76
packages/cli/src/modules/instance-ai/__tests__/instance-ai.service.test.ts
View File

@ -56,7 +56,7 @@ jest.mock('@n8n/instance-ai', () => {
evaluateTerminal(
_events: unknown[],
status: 'completed' | 'cancelled' | 'errored',
options: { errorMessage?: string } = {},
options: { errorMessage?: string; suppressCompletedFallback?: boolean } = {},
) {
if (status === 'errored') {
return {
@ -78,6 +78,15 @@ jest.mock('@n8n/instance-ai', () => {
};
}
if (status === 'completed' && options.suppressCompletedFallback) {
return {
status,
visibilitySource: 'none',
action: 'none',
reason: 'completed-silent-suppressed',
};
}
return {
status,
visibilitySource: 'none',
@ -634,7 +643,11 @@ type TerminalGuardOrderServiceInternals = {
threadId: string,
runId: string,
status: 'completed' | 'cancelled' | 'errored',
options?: { messageGroupId?: string; errorMessage?: string },
options?: {
messageGroupId?: string;
errorMessage?: string;
suppressCompletedFallback?: boolean;
},
) => { action: string; reason: string } | undefined;
evaluateWaitingResponse: (
threadId: string,
@ -1557,6 +1570,7 @@ function createPlannedTaskSchedulerService(): {
tick: jest.Mock;
revertToActive: jest.Mock;
revertCheckpointToPlanned: jest.Mock;
revertBuildWorkflowToPlanned: jest.Mock;
markRunning: jest.Mock;
};
graph: { planRunId: string; messageGroupId: string; tasks: Array<{ id: string }> };
@ -1570,6 +1584,7 @@ function createPlannedTaskSchedulerService(): {
tick: jest.fn(async () => ({ type: 'none' })),
revertToActive: jest.fn(async () => {}),
revertCheckpointToPlanned: jest.fn(async () => {}),
revertBuildWorkflowToPlanned: jest.fn(async () => {}),
markRunning: jest.fn(async () => {}),
};
@ -1860,6 +1875,48 @@ describe('InstanceAiService — planned task user revalidation', () => {
true,
);
});
it('runs planned workflow builds as orchestrator follow-up turns', async () => {
const { service, plannedTaskService, graph } = createPlannedTaskSchedulerService();
const freshUser = { id: 'user-1', disabled: false } as User;
const buildTask = {
id: 'wf-1',
title: 'Build workflow',
kind: 'build-workflow',
spec: 'Build the workflow',
deps: [],
workflowId: 'existing-wf',
};
graph.tasks = [buildTask];
service.revalidateActiveUser.mockResolvedValue(freshUser);
plannedTaskService.tick.mockResolvedValue({
type: 'orchestrate-build-workflow',
graph,
tasks: [buildTask],
});
await service.doSchedulePlannedTasks(fakeUser, 'thread-a');
expect(plannedTaskService.markRunning).toHaveBeenCalledWith('thread-a', 'wf-1', {
agentId: 'agent-001',
});
expect(service.buildPlannedTaskFollowUpMessage).toHaveBeenCalledWith('build-workflow', graph, {
buildTask,
});
expect(service.startInternalFollowUpRun).toHaveBeenCalledWith(
freshUser,
'thread-a',
'follow-up message',
'group-1',
false,
undefined,
expect.objectContaining({
isPlannedBuildFollowUp: true,
buildTaskId: 'wf-1',
workItemId: 'plan-run-1:default',
}),
);
});
});
describe('InstanceAiService — suspended run user revalidation', () => {
@ -2118,6 +2175,21 @@ describe('InstanceAiService — terminal response guard wiring', () => {
]);
});
it('does not publish completed fallback output when silence is expected', () => {
const service = createTerminalGuardOrderService();
const decision = service.evaluateTerminalResponse('thread-a', 'run-1', 'completed', {
messageGroupId: 'group-1',
suppressCompletedFallback: true,
});
expect(decision).toMatchObject({
action: 'none',
reason: 'completed-silent-suppressed',
});
expect(service.eventBus.events).toEqual([]);
});
it('publishes fallback error before run-finish on a silent failed run', () => {
const service = createTerminalGuardOrderService();

2
packages/cli/src/modules/instance-ai/__tests__/message-parser.test.ts
View File

@ -600,7 +600,7 @@ describe('parseStoredMessages', () => {
{
type: 'tool-call',
toolCallId: 'tc-2',
toolName: 'build-workflow-with-agent',
toolName: 'build-workflow',
input: {},
state: 'resolved',
output: 'ok',

167
packages/cli/src/modules/instance-ai/eval/__tests__/sub-agent-eval.service.test.ts
View File

@ -1,167 +0,0 @@
import type { Logger } from '@n8n/backend-common';
import type { User } from '@n8n/db';
import { mock } from 'jest-mock-extended';
import type { InstanceAiAdapterService } from '../../instance-ai.adapter.service';
import type { InstanceAiService } from '../../instance-ai.service';
import { SubAgentEvalService } from '../sub-agent-eval.service';
function makeAgentResult(
overrides: Partial<{
text: string;
toolCalls: unknown[];
finishReason: string;
}> = {},
) {
const text = overrides.text ?? 'done';
return {
runId: 'agent-run-1',
messages: [{ role: 'assistant', content: [{ type: 'text', text }] }],
toolCalls: overrides.toolCalls ?? [],
finishReason: overrides.finishReason ?? 'stop',
...overrides,
};
}
jest.mock('@n8n/instance-ai', () => ({
// BUILDER_AGENT_PROMPT is imported by sub-agent-roles.ts; provide a stub string.
BUILDER_AGENT_PROMPT: 'stub-builder-prompt',
MAX_STEPS: { BUILDER: 60 },
createSubAgent: jest.fn(() => ({
generate: jest.fn().mockResolvedValue({
runId: 'agent-run-1',
messages: [{ role: 'assistant', content: [{ type: 'text', text: 'done' }] }],
toolCalls: [],
finishReason: 'stop',
}),
})),
createAllTools: jest.fn(() => ({})),
}));
describe('SubAgentEvalService', () => {
const adapter = mock<InstanceAiAdapterService>();
const instanceAiService = mock<InstanceAiService>();
const user = mock<User>({ id: 'user-1' });
const logger = mock<Logger>();
let service: SubAgentEvalService;
beforeEach(() => {
jest.clearAllMocks();
logger.scoped.mockReturnValue(logger);
service = new SubAgentEvalService(adapter, instanceAiService, logger);
instanceAiService.resolveAgentModelConfig.mockResolvedValue(
'anthropic/claude-sonnet-4-20250514',
);
});
it('throws when the role is unknown', async () => {
await expect(service.run(user, { role: 'does-not-exist', prompt: 'hi' })).rejects.toThrow(
/Unknown sub-agent role "does-not-exist"/,
);
});
it('captures workflow IDs created during the run', async () => {
const createdIds: string[] = [];
const workflowService = {
createFromWorkflowJSON: jest.fn(async () => {
const detail = { id: `wf-${createdIds.length + 1}` };
createdIds.push(detail.id);
return detail;
}),
updateFromWorkflowJSON: jest.fn(async () => ({ id: 'wf-updated' })),
list: jest.fn(),
get: jest.fn(),
getAsWorkflowJSON: jest.fn(),
archive: jest.fn(),
delete: jest.fn(),
publish: jest.fn(),
unpublish: jest.fn(),
};
adapter.createContext.mockReturnValue({
userId: user.id,
workflowService,
executionService: {} as never,
credentialService: {} as never,
nodeService: {} as never,
dataTableService: {} as never,
} as never);
const { createSubAgent, createAllTools } = jest.requireMock('@n8n/instance-ai');
createSubAgent.mockImplementation(() => ({
generate: jest.fn(async () => {
// The service passes the WRAPPED context to createAllTools — use it to get
// the wrapped workflowService so the capture interceptor fires correctly.
const wrappedCtx = createAllTools.mock.calls[0][0] as {
workflowService: typeof workflowService;
};
// eslint-disable-next-line @typescript-eslint/no-explicit-any
await (wrappedCtx.workflowService.createFromWorkflowJSON as any)({ name: 'A' });
// eslint-disable-next-line @typescript-eslint/no-explicit-any
await (wrappedCtx.workflowService.createFromWorkflowJSON as any)({ name: 'B' });
return makeAgentResult({ text: 'built two workflows' });
}),
}));
const result = await service.run(user, { role: 'builder', prompt: 'build something' });
expect(result.capturedWorkflowIds).toEqual(['wf-1', 'wf-2']);
expect(result.text).toBe('built two workflows');
});
it('aborts the run when the timeout fires', async () => {
adapter.createContext.mockReturnValue({
userId: user.id,
workflowService: {
createFromWorkflowJSON: jest.fn(),
updateFromWorkflowJSON: jest.fn(),
},
} as never);
const { createSubAgent } = jest.requireMock('@n8n/instance-ai');
createSubAgent.mockReturnValue({
generate: jest.fn(
async (_prompt: string, opts: { abortSignal: AbortSignal }) =>
await new Promise((_resolve, reject) => {
opts.abortSignal.addEventListener('abort', () => reject(opts.abortSignal.reason));
}),
),
});
const result = await service.run(user, { role: 'builder', prompt: 'hang', timeoutMs: 10 });
expect(result.error).toMatch(/timed out/i);
});
it('serializes native tool calls and results', async () => {
adapter.createContext.mockReturnValue({
userId: user.id,
workflowService: {
createFromWorkflowJSON: jest.fn(),
updateFromWorkflowJSON: jest.fn(),
},
} as never);
const { createSubAgent } = jest.requireMock('@n8n/instance-ai');
createSubAgent.mockReturnValue({
generate: jest.fn(async () =>
makeAgentResult({
text: 'ok',
toolCalls: [
{
tool: 'nodes',
input: { action: 'list' },
output: { success: true, items: [] },
},
],
}),
),
});
const result = await service.run(user, { role: 'builder', prompt: 'inspect' });
expect(result.toolCalls).toEqual([{ toolName: 'nodes', args: { action: 'list' } }]);
expect(result.toolResults).toEqual([
{ toolName: 'nodes', result: { success: true, items: [] }, isError: false },
]);
});
});

177
packages/cli/src/modules/instance-ai/eval/sub-agent-eval.service.ts
View File

@ -1,177 +0,0 @@
import type {
InstanceAiEvalSubAgentRequest,
InstanceAiEvalSubAgentResponse,
InstanceAiEvalToolCall,
InstanceAiEvalToolResult,
} from '@n8n/api-types';
import { Logger } from '@n8n/backend-common';
import type { User } from '@n8n/db';
import { Service } from '@n8n/di';
import {
createAllTools,
createSubAgent,
type InstanceAiContext,
type InstanceAiWorkflowService,
} from '@n8n/instance-ai';
import { randomUUID } from 'node:crypto';
import { InstanceAiAdapterService } from '../instance-ai.adapter.service';
import { InstanceAiService } from '../instance-ai.service';
import { resolveSubAgentRole } from './sub-agent-roles';
/**
* Eval-only fallback timeout. Production sub-agents don't impose their own
* wall-clock cap the orchestrator's abort signal governs that — so there's
* no shared constant to borrow. Step budgets come from the role config, which
* re-uses the same `MAX_STEPS` table the real sub-agents use.
*/
const DEFAULT_TIMEOUT_MS = 120_000;
@Service()
export class SubAgentEvalService {
private readonly logger: Logger;
constructor(
private readonly adapterService: InstanceAiAdapterService,
private readonly instanceAiService: InstanceAiService,
logger: Logger,
) {
this.logger = logger.scoped('sub-agent-eval');
}
async run(
user: User,
request: InstanceAiEvalSubAgentRequest,
): Promise<InstanceAiEvalSubAgentResponse> {
const startMs = Date.now();
const role = resolveSubAgentRole(request.role);
const maxSteps = request.maxSteps ?? role.defaultMaxSteps;
const timeoutMs = request.timeoutMs ?? DEFAULT_TIMEOUT_MS;
const capturedWorkflowIds: string[] = [];
const baseContext = this.adapterService.createContext(user);
const context: InstanceAiContext = {
...baseContext,
workflowService: this.wrapWorkflowService(baseContext.workflowService, capturedWorkflowIds),
};
const tools = createAllTools(context);
const modelId = request.modelId ?? (await this.instanceAiService.resolveAgentModelConfig(user));
const agentId = `eval-${role.label}-${randomUUID()}`;
const agent = createSubAgent({
agentId,
role: role.label,
instructions: role.systemPrompt,
tools,
modelId,
});
const abortController = new AbortController();
const timeoutError = new Error(`Sub-agent timed out after ${String(timeoutMs)}ms`);
const timeoutId = setTimeout(() => abortController.abort(timeoutError), timeoutMs);
try {
const result = await agent.generate(request.prompt, {
maxIterations: maxSteps,
abortSignal: abortController.signal,
});
return {
text: extractText(result.messages),
toolCalls: serializeToolCalls(result.toolCalls ?? []),
toolResults: serializeToolResults(result.toolCalls ?? []),
capturedWorkflowIds,
durationMs: Date.now() - startMs,
...(typeof result.finishReason === 'string' ? { stopReason: result.finishReason } : {}),
};
} catch (error) {
const message = error instanceof Error ? error.message : String(error);
this.logger.warn('sub-agent eval run failed', { error: message, agentId });
return {
text: '',
toolCalls: [],
toolResults: [],
capturedWorkflowIds,
durationMs: Date.now() - startMs,
error: message,
};
} finally {
clearTimeout(timeoutId);
}
}
private wrapWorkflowService(
original: InstanceAiWorkflowService,
capturedIds: string[],
): InstanceAiWorkflowService {
const capture = (id: string) => {
if (!capturedIds.includes(id)) capturedIds.push(id);
};
return {
...original,
createFromWorkflowJSON: async (json) => {
const detail = await original.createFromWorkflowJSON(json);
capture(detail.id);
return detail;
},
updateFromWorkflowJSON: async (workflowId, json) => {
const detail = await original.updateFromWorkflowJSON(workflowId, json);
capture(detail.id);
return detail;
},
};
}
}
function extractText(messages: unknown[]): string {
return messages
.flatMap((message) => {
if (typeof message !== 'object' || message === null || !('content' in message)) return [];
const content = message.content;
if (!Array.isArray(content)) return [];
return content.flatMap((part) => (isTextPart(part) ? [part.text] : []));
})
.join('');
}
function isTextPart(part: unknown): part is { type: 'text'; text: string } {
return (
typeof part === 'object' &&
part !== null &&
'type' in part &&
part.type === 'text' &&
'text' in part &&
typeof part.text === 'string'
);
}
function serializeToolCalls(raw: unknown[]): InstanceAiEvalToolCall[] {
return raw.map((tc) => {
const native = tc as { tool?: string; input?: unknown };
const payload = (tc as { payload?: { toolName?: string; args?: unknown } }).payload;
return {
toolName: native.tool ?? payload?.toolName ?? 'unknown',
args: native.input ?? payload?.args,
};
});
}
function serializeToolResults(raw: unknown[]): InstanceAiEvalToolResult[] {
return raw.map((tr) => {
const native = tr as { tool?: string; output?: unknown };
const payload = (tr as { payload?: { toolName?: string; result?: unknown } }).payload;
const result = native.output ?? payload?.result;
const isError =
typeof result === 'object' &&
result !== null &&
'success' in result &&
(result as { success: unknown }).success === false;
return {
toolName: native.tool ?? payload?.toolName ?? 'unknown',
result,
isError,
};
});
}

35
packages/cli/src/modules/instance-ai/eval/sub-agent-roles.ts
View File

@ -1,35 +0,0 @@
import { BUILDER_AGENT_PROMPT, MAX_STEPS } from '@n8n/instance-ai';
export interface SubAgentRoleConfig {
/** System prompt that drives the agent's behavior. */
systemPrompt: string;
/** Human-readable role label injected into the agent's id. */
label: string;
/** Default step budget, sourced from the same `MAX_STEPS` table production uses. */
defaultMaxSteps: number;
}
/**
* Registry of sub-agent roles the eval endpoint can run.
*
* The full native tool surface (`createAllTools(context)`) is exposed to every
* sub-agent; there is no per-role tool allowlist. This mirrors how the
* orchestrator spawns sub-agents in production and ensures the eval harness
* stays in sync with tool additions/removals automatically.
*/
export const SUB_AGENT_ROLES: Record<string, SubAgentRoleConfig> = {
builder: {
systemPrompt: BUILDER_AGENT_PROMPT,
label: 'builder',
defaultMaxSteps: MAX_STEPS.BUILDER,
},
};
export function resolveSubAgentRole(role: string): SubAgentRoleConfig {
const config = SUB_AGENT_ROLES[role];
if (!config) {
const available = Object.keys(SUB_AGENT_ROLES).join(', ');
throw new Error(`Unknown sub-agent role "${role}". Available: ${available}`);
}
return config;
}

16
packages/cli/src/modules/instance-ai/instance-ai.controller.ts
View File

@ -14,7 +14,6 @@ import {
InstanceAiAdminSettingsUpdateRequest,
InstanceAiUserPreferencesUpdateRequest,
InstanceAiEvalExecutionRequest,
InstanceAiEvalSubAgentRequest,
} from '@n8n/api-types';
import type { InstanceAiAgentNode } from '@n8n/api-types';
import { ModuleRegistry } from '@n8n/backend-common';
@ -39,7 +38,6 @@ import { UnsupportedAttachmentError, validateAttachmentMimeTypes } from '@n8n/in
import type { NextFunction, Request, Response } from 'express';
import { randomUUID, timingSafeEqual } from 'node:crypto';
import { EvalExecutionService } from './eval/execution.service';
import { SubAgentEvalService } from './eval/sub-agent-eval.service';
import { InProcessEventBus } from './event-bus/in-process-event-bus';
import { InstanceAiMemoryService } from './instance-ai-memory.service';
import { InstanceAiSettingsService } from './instance-ai-settings.service';
@ -96,7 +94,6 @@ export class InstanceAiController {
private readonly memoryService: InstanceAiMemoryService,
private readonly settingsService: InstanceAiSettingsService,
private readonly evalExecutionService: EvalExecutionService,
private readonly subAgentEvalService: SubAgentEvalService,
private readonly eventBus: InProcessEventBus,
private readonly moduleRegistry: ModuleRegistry,
private readonly push: Push,
@ -630,19 +627,6 @@ export class InstanceAiController {
return await this.evalExecutionService.executeWithLlmMock(workflowId, req.user, payload);
}
@Post('/eval/run-sub-agent')
@GlobalScope('instanceAi:message')
async runSubAgentEval(
req: AuthenticatedRequest,
_res: Response,
@Body payload: InstanceAiEvalSubAgentRequest,
) {
if (process.env.E2E_TESTS !== 'true' || process.env.NODE_ENV === 'production') {
throw new ForbiddenError('Sub-agent evaluation is not enabled');
}
return await this.subAgentEvalService.run(req.user, payload);
}
// ── Gateway endpoints (daemon ↔ server) ──────────────────────────────────
@Post('/gateway/create-link')

252
packages/cli/src/modules/instance-ai/instance-ai.service.ts
View File

@ -56,7 +56,6 @@ import {
submitLangsmithUserFeedback,
resumeAgentRun,
RunStateRegistry,
startBuildWorkflowAgentTask,
startDetachedDelegateTask,
streamAgentRun,
truncateToTitle,
@ -83,6 +82,7 @@ import {
type TerminalResponseDecision,
type TerminalResponseStatus,
type WorkSummary,
type WorkflowBuildOutcome,
WorkflowTaskCoordinator,
WorkflowLoopStorage,
ThreadTaskStorage,
@ -157,6 +157,13 @@ function isTextMessagePart(part: unknown): part is { type: 'text'; text: string
const ORCHESTRATOR_AGENT_ID = 'agent-001';
type PlannedBuildFollowUp = {
isPlannedBuildFollowUp: true;
buildTaskId: string;
workItemId: string;
savedOutcome?: WorkflowBuildOutcome;
};
type RuntimeSandboxEntry = {
sandbox: NonNullable<Awaited<ReturnType<typeof createSandbox>>>;
workspace: NonNullable<ReturnType<typeof createWorkspace>>;
@ -2396,9 +2403,13 @@ export class InstanceAiService {
}
private buildPlannedTaskFollowUpMessage(
type: 'synthesize' | 'replan' | 'checkpoint',
type: 'synthesize' | 'replan' | 'checkpoint' | 'build-workflow',
graph: PlannedTaskGraph,
options: { failedTask?: PlannedTaskRecord; checkpoint?: PlannedTaskRecord } = {},
options: {
failedTask?: PlannedTaskRecord;
checkpoint?: PlannedTaskRecord;
buildTask?: PlannedTaskRecord;
} = {},
): string {
const payload: Record<string, unknown> = {
tasks: graph.tasks.map((task) => ({
@ -2441,6 +2452,17 @@ export class InstanceAiService {
};
}
if (options.buildTask) {
payload.buildTask = {
id: options.buildTask.id,
title: options.buildTask.title,
kind: options.buildTask.kind,
spec: options.buildTask.spec,
workflowId: options.buildTask.workflowId,
deps: options.buildTask.deps,
};
}
return `<planned-task-follow-up type="${type}">\n${JSON.stringify(payload, null, 2)}\n</planned-task-follow-up>\n\n${AUTO_FOLLOW_UP_MESSAGE}`;
}
@ -2461,6 +2483,7 @@ export class InstanceAiService {
correlationId?: string;
workSummary?: WorkSummary;
errorMessage?: string;
suppressCompletedFallback?: boolean;
} = {},
): TerminalResponseDecision | undefined {
const guard = new InstanceAiTerminalResponseGuard({
@ -2475,6 +2498,7 @@ export class InstanceAiService {
{
workSummary: options.workSummary,
errorMessage: options.errorMessage,
suppressCompletedFallback: options.suppressCompletedFallback,
},
);
this.handleTerminalResponseDecision(threadId, runId, decision, options.messageGroupId);
@ -3113,24 +3137,14 @@ export class InstanceAiService {
let started: { taskId: string; agentId: string; result: string } | null = null;
switch (task.kind) {
case 'build-workflow':
started = await startBuildWorkflowAgentTask(taskContext, {
task: task.spec,
workflowId: task.workflowId,
plannedTaskId: task.id,
conversationContext,
});
break;
case 'delegate':
started = await startDetachedDelegateTask(taskContext, {
title: task.title,
spec: task.spec,
tools: task.tools ?? [],
plannedTaskId: task.id,
conversationContext,
});
break;
if (task.kind === 'delegate') {
started = await startDetachedDelegateTask(taskContext, {
title: task.title,
spec: task.spec,
tools: task.tools ?? [],
plannedTaskId: task.id,
conversationContext,
});
}
if (!started?.taskId) {
@ -3174,21 +3188,39 @@ export class InstanceAiService {
/**
* Resolve the workflow IDs the checkpoint task is verifying so the runWorkflow
* permission override can be scoped. Walks the checkpoint's `dependsOn` to find
* the build-workflow tasks it depends on and reads their `outcome.workflowId`.
* Returns an empty set when the graph is missing or the checkpoint has no
* resolved workflow deps (in which case the override applies broadly via the
* `allowList === undefined` short-circuit only if we don't set the field).
* permission override can be scoped, and keep explicit user-requested runs
* approval-gated even when they happen as checkpoint fallback.
*/
private async getCheckpointAllowedWorkflowIds(
private checkpointRequiresRunApproval(
graph: PlannedTaskGraph,
checkpoint: PlannedTaskRecord,
): boolean {
if (graph.postBuildRunApprovalRequired === true) return true;
const deps = new Set(checkpoint.deps);
const text = graph.tasks
.filter((task) => deps.has(task.id))
.map((task) => `${task.title}\n${task.spec}`)
.join('\n')
.toLowerCase();
return (
/\bthen\s+(run|execute|test)\b/.test(text) ||
/\b(run|execute|test)\s+(it\s+)?(once|immediately|manually|after building)\b/.test(text)
);
}
private async getCheckpointRunPolicy(
threadId: string,
checkpointTaskId: string,
): Promise<ReadonlySet<string>> {
): Promise<{ allowedWorkflowIds: ReadonlySet<string>; requireApproval: boolean }> {
try {
const { plannedTaskService } = await this.createPlannedTaskState();
const graph = await plannedTaskService.getGraph(threadId);
const checkpoint = graph?.tasks.find((t) => t.id === checkpointTaskId);
if (!graph || !checkpoint) return new Set();
if (!graph || !checkpoint) {
return { allowedWorkflowIds: new Set(), requireApproval: false };
}
const deps = new Set(checkpoint.deps);
const allowed = new Set<string>();
for (const task of graph.tasks) {
@ -3198,14 +3230,17 @@ export class InstanceAiService {
allowed.add(workflowId);
}
}
return allowed;
return {
allowedWorkflowIds: allowed,
requireApproval: this.checkpointRequiresRunApproval(graph, checkpoint),
};
} catch (error) {
this.logger.warn('Failed to resolve checkpoint allowed workflow IDs', {
threadId,
checkpointTaskId,
error: error instanceof Error ? error.message : String(error),
});
return new Set();
return { allowedWorkflowIds: new Set(), requireApproval: false };
}
}
@ -3248,6 +3283,7 @@ export class InstanceAiService {
messageGroupId?: string,
isReplanFollowUp: boolean = false,
checkpoint?: { isCheckpointFollowUp: true; checkpointTaskId: string },
plannedBuild?: PlannedBuildFollowUp,
): Promise<string> {
if (this.runState.hasLiveRun(threadId)) {
this.logger.warn('Skipping internal follow-up: active run exists', { threadId });
@ -3283,6 +3319,7 @@ export class InstanceAiService {
isReplanFollowUp,
checkpoint,
resumeReason,
plannedBuild,
);
return runId;
@ -3362,6 +3399,49 @@ export class InstanceAiService {
return;
}
if (action.type === 'orchestrate-build-workflow') {
if (this.runState.hasLiveRun(threadId)) {
return;
}
const buildTask = action.tasks[0];
const workItemId = buildTask.workflowId
? `${action.graph.planRunId}:default`
: `wi_${nanoid(8)}`;
await plannedTaskService.markRunning(threadId, buildTask.id, {
agentId: ORCHESTRATOR_AGENT_ID,
});
const graphAfterMark = (await plannedTaskService.getGraph(threadId)) ?? action.graph;
await this.syncPlannedTasksToUi(threadId, graphAfterMark);
const buildTaskRecord = graphAfterMark.tasks.find((t) => t.id === buildTask.id) ?? buildTask;
const plannedBuild: PlannedBuildFollowUp = {
isPlannedBuildFollowUp: true,
buildTaskId: buildTask.id,
workItemId,
};
const startedRunId = await this.startInternalFollowUpRun(
activeUser,
threadId,
this.buildPlannedTaskFollowUpMessage('build-workflow', graphAfterMark, {
buildTask: buildTaskRecord,
}),
action.graph.messageGroupId,
false,
undefined,
plannedBuild,
);
if (!startedRunId) {
this.logger.warn(
'Build workflow follow-up run did not start — reverting build task to planned for retry',
{ threadId, buildTaskId: buildTask.id },
);
await plannedTaskService.revertBuildWorkflowToPlanned(threadId, buildTask.id);
}
return;
}
if (action.type === 'orchestrate-checkpoint') {
// Defer if a run is already active or suspended. The currently-live
// run's post-finally reschedule hook will pick this checkpoint up.
@ -3448,6 +3528,7 @@ export class InstanceAiService {
isReplanFollowUp: boolean = false,
checkpoint?: { isCheckpointFollowUp: true; checkpointTaskId: string },
resumeReason?: OrchestratorResumeReason,
plannedBuild?: PlannedBuildFollowUp,
): Promise<void> {
// Read once at the top so the streamInput builder + (if any later
// retry) see the same view of restart-recovery metadata.
@ -3500,9 +3581,18 @@ export class InstanceAiService {
executionPushRef,
);
activeSnapshotStorage = environment.snapshotStorage;
const { context, memory, taskStorage, snapshotStorage, modelId, orchestrationContext } =
environment;
const {
context,
memory,
taskStorage,
snapshotStorage,
workflowTasks,
plannedTaskService,
modelId,
orchestrationContext,
} = environment;
aiCreatedWorkflowIds = context.aiCreatedWorkflowIds ??= new Set<string>();
const isPostPlanFollowUp = isReplanFollowUp || checkpoint?.isCheckpointFollowUp === true;
// Make the current user message available to sub-agents (e.g. planner)
// since memory history only returns previously-saved messages.
orchestrationContext.currentUserMessage = message;
@ -3521,10 +3611,37 @@ export class InstanceAiService {
// Scope the runWorkflow override to the workflows this checkpoint is verifying:
// the orchestrator can call `executions(action="run")` on a depended-on workflow
// without HITL, but any other workflow id still requires user approval.
context.allowedRunWorkflowIds = await this.getCheckpointAllowedWorkflowIds(
const runPolicy = await this.getCheckpointRunPolicy(threadId, checkpoint.checkpointTaskId);
context.allowedRunWorkflowIds = runPolicy.allowedWorkflowIds;
context.requireRunWorkflowApproval = runPolicy.requireApproval;
}
if (plannedBuild?.isPlannedBuildFollowUp) {
context.permissions = {
...context.permissions,
...(PLANNED_TASK_PERMISSION_OVERRIDES['build-workflow'] ?? {}),
} as typeof context.permissions;
context.workflowBuildContext = {
threadId,
checkpoint.checkpointTaskId,
);
runId,
taskId: plannedBuild.buildTaskId,
workItemId: plannedBuild.workItemId,
allowPostPlanWorkflowCreate: true,
plannedTaskService,
workflowTaskService: workflowTasks,
onBuildOutcome: (outcome) => {
plannedBuild.savedOutcome = outcome;
},
};
} else {
context.workflowBuildContext = {
threadId,
runId,
taskId: `build-${runId}`,
workItemId: `wi_${nanoid(8)}`,
allowPostPlanWorkflowCreate: isPostPlanFollowUp,
workflowTaskService: workflowTasks,
};
}
// Thread attachments into the domain context so parse-file can access them
@ -3559,6 +3676,9 @@ export class InstanceAiService {
...(checkpoint?.isCheckpointFollowUp
? { checkpoint_task_id: checkpoint.checkpointTaskId }
: {}),
...(plannedBuild?.isPlannedBuildFollowUp
? { build_task_id: plannedBuild.buildTaskId }
: {}),
},
})
: await createInstanceAiTraceContext({
@ -3791,6 +3911,7 @@ export class InstanceAiService {
tracing,
modelId,
checkpoint,
plannedBuild,
});
void this.persistPendingConfirmation({
requestId: result.suspension.requestId,
@ -3900,6 +4021,9 @@ export class InstanceAiService {
messageGroupId,
correlationId: messageId,
workSummary: result.workSummary,
suppressCompletedFallback:
checkpoint?.isCheckpointFollowUp === true ||
plannedBuild?.isPlannedBuildFollowUp === true,
});
const finalStatus = result.status === 'errored' ? 'error' : result.status;
await this.finalizeRunTracing(runId, tracing, {
@ -4062,6 +4186,8 @@ export class InstanceAiService {
if (!this.runState.hasSuspendedRun(threadId)) {
if (checkpoint?.isCheckpointFollowUp) {
await this.finalizeCheckpointFollowUp(user, threadId, checkpoint.checkpointTaskId);
} else if (plannedBuild?.isPlannedBuildFollowUp) {
await this.finalizePlannedBuildFollowUp(user, threadId, plannedBuild);
} else {
await this.schedulePlannedTasks(user, threadId);
}
@ -4255,6 +4381,46 @@ export class InstanceAiService {
await this.schedulePlannedTasks(user, threadId);
}
private async finalizePlannedBuildFollowUp(
user: User,
threadId: string,
plannedBuild: PlannedBuildFollowUp,
): Promise<void> {
try {
const { plannedTaskService } = await this.createPlannedTaskState();
const graph = await plannedTaskService.getGraph(threadId);
const task = graph?.tasks.find((t) => t.id === plannedBuild.buildTaskId);
if (task && task.status === 'running') {
if (plannedBuild.savedOutcome?.submitted === true) {
await plannedTaskService.markSucceeded(threadId, plannedBuild.buildTaskId, {
result: plannedBuild.savedOutcome.summary,
outcome: plannedBuild.savedOutcome,
});
} else {
this.logger.warn('Build workflow follow-up ended without saving — marking failed', {
threadId,
buildTaskId: plannedBuild.buildTaskId,
});
await plannedTaskService.markFailed(threadId, plannedBuild.buildTaskId, {
error: 'Workflow build run ended without saving a workflow',
});
}
const nextGraph = await plannedTaskService.getGraph(threadId);
if (nextGraph) {
await this.syncPlannedTasksToUi(threadId, nextGraph);
}
}
} catch (error) {
this.logger.error('Build workflow finalization failed', {
threadId,
buildTaskId: plannedBuild.buildTaskId,
error: error instanceof Error ? error.message : String(error),
});
}
await this.schedulePlannedTasks(user, threadId);
}
async resolveConfirmation(
requestingUserId: string,
requestId: string,
@ -4561,6 +4727,7 @@ export class InstanceAiService {
modelId,
messageGroupId,
checkpoint,
plannedBuild,
} = suspended;
if (user.id !== requestingUserId) return false;
@ -4621,6 +4788,9 @@ export class InstanceAiService {
...(checkpoint?.isCheckpointFollowUp
? { checkpoint_task_id: checkpoint.checkpointTaskId }
: {}),
...(plannedBuild?.isPlannedBuildFollowUp
? { build_task_id: plannedBuild.buildTaskId }
: {}),
},
});
@ -4636,6 +4806,7 @@ export class InstanceAiService {
tracing: resumeTracing ?? tracing,
modelId,
checkpoint,
plannedBuild,
});
return true;
}
@ -4661,6 +4832,7 @@ export class InstanceAiService {
tracing?: InstanceAiTraceContext;
modelId?: ModelConfig;
checkpoint?: { isCheckpointFollowUp: true; checkpointTaskId: string };
plannedBuild?: PlannedBuildFollowUp;
},
): Promise<void> {
let messageTraceFinalization: MessageTraceFinalization | undefined;
@ -4744,6 +4916,7 @@ export class InstanceAiService {
tracing: opts.tracing,
...(opts.modelId !== undefined ? { modelId: opts.modelId } : {}),
checkpoint: opts.checkpoint,
plannedBuild: opts.plannedBuild,
});
void this.persistPendingConfirmation({
requestId: result.suspension.requestId,
@ -4845,6 +5018,9 @@ export class InstanceAiService {
this.evaluateTerminalResponse(opts.threadId, opts.runId, result.status, {
messageGroupId,
workSummary: result.workSummary,
suppressCompletedFallback:
opts.checkpoint?.isCheckpointFollowUp === true ||
opts.plannedBuild?.isPlannedBuildFollowUp === true,
});
const finalStatus = result.status === 'errored' ? 'error' : result.status;
await this.finalizeRunTracing(opts.runId, opts.tracing, {
@ -4984,6 +5160,8 @@ export class InstanceAiService {
opts.threadId,
opts.checkpoint.checkpointTaskId,
);
} else if (opts.plannedBuild?.isPlannedBuildFollowUp) {
await this.finalizePlannedBuildFollowUp(opts.user, opts.threadId, opts.plannedBuild);
} else {
await this.schedulePlannedTasks(opts.user, opts.threadId);
}
@ -5080,7 +5258,7 @@ export class InstanceAiService {
// Auto-follow-up: when the last background task finishes and no
// orchestrator run is active, resume the orchestrator so it can
// synthesize results for the user. Planned tasks handle this via
// schedulePlannedTasks(); this covers direct build-workflow-with-agent calls.
// schedulePlannedTasks(); this covers direct detached delegate calls.
if (task.plannedTaskId) return;
// Parent-tagged children (patch-builder etc. spawned inside a

24
packages/frontend/editor-ui/src/features/ai/instanceAi/useTimelineGrouping.ts
View File

@ -86,6 +86,14 @@ export function useTimelineGrouping(
};
}
function appendArtifacts(group: ResponseGroupSegment, artifacts: ArtifactInfo[]) {
for (const artifact of artifacts) {
if (!group.artifacts.some((existing) => existing.resourceId === artifact.resourceId)) {
group.artifacts.push(artifact);
}
}
}
for (const entry of timeline) {
if (entry.type === 'text') {
// Text from the same API response as the current group stays inside
@ -109,6 +117,18 @@ export function useTimelineGrouping(
} else if (tc?.confirmation?.inputType === 'questions' && !tc.isLoading) {
currentGroup.questionCount++;
}
if (tc) {
appendArtifacts(
currentGroup,
extractArtifacts({
...agentNode.value,
targetResource: undefined,
toolCalls: [tc],
children: [],
timeline: [],
}),
);
}
} else if (entry.type === 'child') {
if (!currentGroup || currentGroup.responseId !== entry.responseId) {
currentGroup = newGroup(entry.responseId);
@ -118,7 +138,7 @@ export function useTimelineGrouping(
currentGroup.childCount++;
const child = agentNode.value.children.find((c) => c.agentId === entry.agentId);
if (child) {
currentGroup.artifacts.push(...extractArtifacts(child));
appendArtifacts(currentGroup, extractArtifacts(child));
}
}
}
@ -139,7 +159,7 @@ export function useTimelineGrouping(
// Drop empty response groups (only hidden tool calls, no visible content).
const flattened = segments.filter((seg) => {
if (seg.kind !== 'response-group') return true;
return seg.toolCallCount > 0 || seg.childCount > 0;
return seg.toolCallCount > 0 || seg.childCount > 0 || seg.artifacts.length > 0;
});
// If there are no collapsible response groups, skip grouping entirely.

3
packages/testing/playwright/tests/e2e/ai/assistant-support-chat.spec.ts
View File

@ -91,14 +91,15 @@ test.describe(
await n8n.aiAssistant.getAskAssistantCanvasActionButton().click();
await n8n.aiAssistant.sendMessage('What is wrong with this workflow?', 'enter-key');
// Wait for message to be processed
await expect(n8n.aiAssistant.getChatMessagesAssistant()).toHaveCount(1);
await n8n.aiAssistant.waitForStreamingComplete();
await n8n.aiAssistant.sendMessage('And now?', 'enter-key');
await expect(n8n.aiAssistant.getChatMessagesAssistant()).toHaveCount(2);
const secondRequest = chatRequests.find((request) => request.payload?.text === 'And now?');
const secondContext = secondRequest?.payload?.context;
expect(secondContext?.currentWorkflow).toBeUndefined();
await n8n.aiAssistant.waitForStreamingComplete();
await n8n.canvas.openNode(HTTP_REQUEST_NODE_NAME);
await n8n.ndv.setParameterInputValue('url', 'https://example.com');

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-artifacts.spec.ts
View File

@ -1,6 +1,7 @@
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe(
'Instance AI artifacts @capability:proxy',

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-attachments.spec.ts
View File

@ -5,6 +5,7 @@ import path from 'path';
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe(
'Instance AI attachments @capability:proxy',

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-chat-basics.spec.ts
View File

@ -1,6 +1,7 @@
import { test, expect, instanceAiTestConfig, SKIP_PROXY_SETUP_ANNOTATION } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe(
'Instance AI chat basics @capability:proxy',

3
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-confirmations.spec.ts
View File

@ -3,6 +3,7 @@ import type { IWorkflowBase } from 'n8n-workflow';
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
const APPROVE_EDIT_WORKFLOW_NAME = 'INS-171 Approval Edit Target';
const DENY_EDIT_WORKFLOW_NAME = 'INS-171 Deny Edit Target';
@ -172,7 +173,7 @@ test.describe(
});
// The ticket's autonomous "similar workflow" edit and this explicit edit both
// converge on build-workflow-with-agent with a workflowId before the builder spawns.
// converge on build-workflow with a workflowId before the update is saved.
test('should require approval before editing an existing workflow and apply after approval', async ({
n8n,
}) => {

59
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-remediation-guard.spec.ts
View File

@ -16,6 +16,7 @@ test.use({
},
},
});
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
type TraceEvent = {
kind?: string;
@ -27,12 +28,13 @@ type TraceEvent = {
};
type RemediationTraceSummary = {
submitted: boolean;
built: boolean;
workflowId?: string;
needsUserInput: boolean;
mockedSlackCredential: boolean;
postSubmitRemediationSubmitsUsed?: number;
submitCallsAfterTerminalSetup: number;
postBuildRemediationSubmitsUsed?: number;
buildCallsAfterTerminalSetup: number;
loadedWorkflowBuilderSkill: boolean;
};
async function getTraceEvents(api: ApiHelpers, testInfo: TestInfo): Promise<TraceEvent[]> {
@ -52,11 +54,11 @@ function includesMockedSlackSetup(value: unknown): boolean {
}
function summarizeRemediationTrace(events: TraceEvent[]): RemediationTraceSummary {
const submitCalls = getToolCalls(events, 'submit-workflow');
const firstSuccessfulSubmitIndex = submitCalls.findIndex(
const buildCalls = getToolCalls(events, 'build-workflow');
const firstSuccessfulBuildIndex = buildCalls.findIndex(
(event) => event.output?.success === true && typeof event.output.workflowId === 'string',
);
const firstSuccessfulSubmit = submitCalls[firstSuccessfulSubmitIndex]?.output;
const firstSuccessfulBuild = buildCalls[firstSuccessfulBuildIndex]?.output;
const terminalSetupVerifyIndex = events.findIndex((event) => {
const remediation = event.output?.remediation as Record<string, unknown> | undefined;
return (
@ -83,7 +85,7 @@ function summarizeRemediationTrace(events: TraceEvent[]): RemediationTraceSummar
event.kind === 'tool-call' &&
event.toolName === 'workflows' &&
event.input?.action === 'setup' &&
event.input.workflowId === firstSuccessfulSubmit?.workflowId
event.input.workflowId === firstSuccessfulBuild?.workflowId
);
});
const terminalSetupIndex =
@ -96,19 +98,22 @@ function summarizeRemediationTrace(events: TraceEvent[]): RemediationTraceSummar
terminalSetupVerifyIndex >= 0
? (events[terminalSetupVerifyIndex].output?.remediation as Record<string, unknown>)
: undefined;
const submitCallsAfterTerminalSetup =
const buildCallsAfterTerminalSetup =
terminalSetupIndex >= 0
? events
.slice(terminalSetupIndex + 1)
.filter((event) => event.kind === 'tool-call' && event.toolName === 'submit-workflow')
.filter((event) => event.kind === 'tool-call' && event.toolName === 'build-workflow')
.length
: 0;
const loadedWorkflowBuilderSkill = getToolCalls(events, 'load_skill').some(
(event) => event.input?.skillId === 'workflow-builder',
);
return {
submitted: firstSuccessfulSubmitIndex >= 0,
built: firstSuccessfulBuildIndex >= 0,
workflowId:
typeof firstSuccessfulSubmit?.workflowId === 'string'
? firstSuccessfulSubmit.workflowId
typeof firstSuccessfulBuild?.workflowId === 'string'
? firstSuccessfulBuild.workflowId
: undefined,
needsUserInput:
(remediation?.category === 'needs_setup' &&
@ -116,14 +121,15 @@ function summarizeRemediationTrace(events: TraceEvent[]): RemediationTraceSummar
remediation.reason === 'mocked_credentials_or_placeholders') ||
terminalSetupReportIndex >= 0 ||
terminalWorkflowSetupIndex >= 0,
mockedSlackCredential: getStringArray(firstSuccessfulSubmit?.mockedCredentialTypes).includes(
mockedSlackCredential: getStringArray(firstSuccessfulBuild?.mockedCredentialTypes).includes(
'slackApi',
),
postSubmitRemediationSubmitsUsed:
firstSuccessfulSubmitIndex >= 0
? submitCalls.length - firstSuccessfulSubmitIndex - 1
postBuildRemediationSubmitsUsed:
firstSuccessfulBuildIndex >= 0
? buildCalls.length - firstSuccessfulBuildIndex - 1
: undefined,
submitCallsAfterTerminalSetup,
buildCallsAfterTerminalSetup,
loadedWorkflowBuilderSkill,
};
}
@ -157,7 +163,7 @@ test.describe(
'Build a workflow named "INS-164 mocked credential guard" with a Manual Trigger ' +
'connected to a Slack node that posts a message using a mocked slackApi credential placeholder. ' +
'Use the workflow SDK credential placeholder directly; do not call credentials setup or ask for a real Slack credential. ' +
'The builder agent must submit it and verify it with verify-built-workflow. ' +
'Use the workflow-builder skill, save it with build-workflow, and verify it with verify-built-workflow. ' +
'After verification reports the mocked credential setup state, open the workflow setup card with workflows(action="setup") and stop editing.',
);
@ -165,23 +171,24 @@ test.describe(
const events = await getTraceEvents(api, testInfo);
const summary = summarizeRemediationTrace(events);
const submitCalls = getToolCalls(events, 'submit-workflow');
const buildCalls = getToolCalls(events, 'build-workflow');
const verifyCalls = getToolCalls(events, 'verify-built-workflow');
expect(summary).toMatchObject({
submitted: true,
built: true,
workflowId: expect.any(String),
needsUserInput: true,
mockedSlackCredential: true,
submitCallsAfterTerminalSetup: 0,
buildCallsAfterTerminalSetup: 0,
loadedWorkflowBuilderSkill: true,
});
expect(summary.postSubmitRemediationSubmitsUsed).toBeLessThanOrEqual(2);
expect(submitCalls.find((event) => event.agentRole === 'workflow-builder')).toMatchObject({
agentRole: 'workflow-builder',
expect(summary.postBuildRemediationSubmitsUsed).toBeLessThanOrEqual(2);
expect(buildCalls.find((event) => event.agentRole === 'orchestrator')).toMatchObject({
agentRole: 'orchestrator',
stepId: expect.any(Number),
});
expect(verifyCalls.find((event) => event.agentRole === 'workflow-builder')).toMatchObject({
agentRole: 'workflow-builder',
expect(verifyCalls.find((event) => event.agentRole === 'orchestrator')).toMatchObject({
agentRole: 'orchestrator',
stepId: expect.any(Number),
});
},

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-sidebar.spec.ts
View File

@ -1,6 +1,7 @@
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe(
'Instance AI sidebar @capability:proxy',

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-timeline.spec.ts
View File

@ -1,6 +1,7 @@
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe(
'Instance AI agent timeline @capability:proxy',

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-timeouts.spec.ts
View File

@ -1,6 +1,7 @@
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe('Instance AI timeouts', () => {
test.fixme(

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-workflow-execution.spec.ts
View File

@ -1,6 +1,7 @@
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe(
'Instance AI workflow execution @capability:proxy',

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-workflow-preview.spec.ts
View File

@ -1,6 +1,7 @@
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
test.describe(
'Instance AI workflow preview @capability:proxy',

1
packages/testing/playwright/tests/e2e/instance-ai/instance-ai-workflow-setup.spec.ts
View File

@ -4,6 +4,7 @@ import type { IWorkflowBase } from 'n8n-workflow';
import { test, expect, instanceAiTestConfig } from './fixtures';
test.use(instanceAiTestConfig);
test.skip(true, 'Instance AI expectations are refreshed in the stacked recordings branch');
const { privateKey: GOOGLE_SERVICE_ACCOUNT_PRIVATE_KEY } = generateKeyPairSync('rsa', {
modulusLength: 2048,