H1报告
中级
这是一个SecOps, AI Summarization领域的自动化工作流,包含 9 个节点。主要使用 Agent, HttpRequestTool, ChatTrigger, LmChatGoogleGemini 等节点。 使用Google Gemini从HackerOne报告中提取可操作的安全洞察
前置要求
- •可能需要目标 API 的认证凭证
- •Google Gemini API Key
工作流预览
可视化展示节点连接关系,支持缩放和平移
导出工作流
复制以下 JSON 配置到 n8n 导入,即可使用此工作流
{
"id": "GQvrSUkdvgHiSl4W",
"meta": {
"instanceId": "c5257b5cf4d48704d636909c07c4408a69d6799d0a855eab46287eeb702c84b0",
"templateCredsSetupCompleted": true
},
"name": "H1 报告",
"tags": [
{
"id": "B57Byrk0DBYk6h5Q",
"name": "The Herald",
"createdAt": "2025-07-07T03:11:18.909Z",
"updatedAt": "2025-07-07T03:11:18.909Z"
}
],
"nodes": [
{
"id": "bedea6c7-e283-4339-9b7f-dd1d1bcf8016",
"name": "Google Gemini 聊天模型",
"type": "@n8n/n8n-nodes-langchain.lmChatGoogleGemini",
"position": [
576,
208
],
"parameters": {
"options": {},
"modelName": "models/gemini-2.5-pro"
},
"credentials": {
"googlePalmApi": {
"id": "9X33EcTu2Vxq1AUX",
"name": "Google Gemini(PaLM) Api account"
}
},
"typeVersion": 1
},
{
"id": "ce8f1868-70e3-4b0a-8e6c-6078359b7d9e",
"name": "获取 H1 报告",
"type": "n8n-nodes-base.httpRequestTool",
"position": [
912,
208
],
"parameters": {
"url": "={{ /*n8n-auto-generated-fromAI-override*/ $fromAI('URL', ``, 'string') }}",
"options": {},
"toolDescription": "Makes a request to \n```\nhttps://hackerone.com/reports/<hackerone-report-id>.json\n```\nexample:\n\nhttps://hackerone.com/reports/312543.json\nhttps://hackerone.com/reports/342543.json"
},
"typeVersion": 4.2
},
{
"id": "0e7065ce-f2aa-416d-9488-dbffa4bb0f67",
"name": "当收到聊天消息时",
"type": "@n8n/n8n-nodes-langchain.chatTrigger",
"position": [
448,
0
],
"webhookId": "0ffa61ef-4e16-43f7-a57b-7e103047dc9f",
"parameters": {
"public": true,
"options": {
"title": "H1 report summarizer",
"subtitle": "",
"customCss": "/* Font Import (place in your <head>) */\n@import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;600&family=Fira+Code&display=swap');\n\n:root {\n /* 🎨 Color Palette - Minimal + Elegant */\n --chat--color-primary: #e74266;\n --chat--color-primary-shade-50: #d63b5d;\n --chat--color-primary-shade-100: #c73352;\n --chat--color-secondary: #20b69e;\n --chat--color-secondary-shade-50: #1ca08a;\n\n --chat--color-white: #ffffff;\n --chat--color-light: #f9fafb;\n --chat--color-light-shade-50: #e5e7eb;\n --chat--color-light-shade-100: #d1d5db;\n --chat--color-medium: #9ca3af;\n --chat--color-dark: #111827;\n --chat--color-muted: #6b7280;\n\n /* Fonts & Sizing */\n --chat--font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;\n --chat--code-font: 'Fira Code', monospace;\n --chat--font-size: 1rem;\n\n /* Layout & Spacing */\n --chat--spacing: 1rem;\n --chat--border-radius: 0.75rem;\n --chat--transition-duration: 0.25s;\n\n /* Window */\n --chat--window--width: 420px;\n --chat--window--height: 620px;\n --chat--window--box-shadow: 0 12px 32px rgba(0, 0, 0, 0.1);\n\n /* Header */\n --chat--header--background: var(--chat--color-dark);\n --chat--header--color: var(--chat--color-white);\n --chat--heading--font-size: 1.4rem;\n\n /* Message Bubbles */\n --chat--message--font-size: 1rem;\n --chat--message--padding: 0.85rem 1rem;\n --chat--message--border-radius: 0.75rem;\n --chat--message--bot--background: var(--chat--color-white);\n --chat--message--bot--color: var(--chat--color-dark);\n --chat--message--user--background: var(--chat--color-secondary);\n --chat--message--user--color: var(--chat--color-white);\n\n /* Input */\n --chat--input--background: var(--chat--color-white);\n --chat--input--text-color: var(--chat--color-dark);\n --chat--input--border: 1px solid var(--chat--color-light-shade-100);\n --chat--input--border-radius: 0.75rem;\n --chat--input--placeholder: var(--chat--color-muted);\n\n /* Code Blocks */\n --chat--code--background: #111827;\n --chat--code--text: #f9fafb;\n}\n\n/* 🪟 Chat Window */\n.chat-window {\n width: var(--chat--window--width);\n height: var(--chat--window--height);\n background: var(--chat--color-light);\n box-shadow: var(--chat--window--box-shadow);\n border-radius: var(--chat--border-radius);\n display: flex;\n flex-direction: column;\n overflow: hidden;\n font-family: var(--chat--font-family);\n -webkit-font-smoothing: antialiased;\n}\n\n/* 🧠 Header */\n.chat-header {\n background: var(--chat--header--background);\n color: var(--chat--header--color);\n padding: var(--chat--spacing);\n font-size: var(--chat--heading--font-size);\n font-weight: 600;\n border-bottom: 1px solid rgba(255, 255, 255, 0.08);\n}\n\n/* 📜 Message Container */\n.chat-messages {\n flex: 1;\n padding: var(--chat--spacing);\n overflow-y: auto;\n background: var(--chat--color-light);\n}\n\n/* 💬 Message Bubbles */\n.chat-message {\n max-width: 75%;\n padding: var(--chat--message--padding);\n border-radius: var(--chat--message--border-radius);\n margin-bottom: 0.75rem;\n font-size: var(--chat--message--font-size);\n line-height: 1.5;\n box-shadow: 0 2px 4px rgba(0, 0, 0, 0.04);\n word-break: break-word;\n transition: 0.2s ease-in-out;\n}\n\n.chat-message.bot {\n background: var(--chat--message--bot--background);\n color: var(--chat--message--bot--color);\n align-self: flex-start;\n}\n\n.chat-message.user {\n background: var(--chat--message--user--background);\n color: var(--chat--message--user--color);\n align-self: flex-end;\n}\n\n/* 🧑💻 Code Block Styling - Enhanced Visibility */\n.chat-message pre {\n box-sizing: border-box;\n display: block;\n font-family: var(--chat--code-font), monospace;\n font-size: 0.9rem; /* Slightly larger font */\n line-height: 1.6; /* More spacing */\n background: #f8f8f8; /* Dark but not pure black */\n color: #333; /* Light gray for better readability */\n padding: 1rem;\n border-radius: 0.5rem;\n margin-top: 0.75rem;\n white-space: pre-wrap;\n word-break: break-word;\n overflow-x: auto;\n border: 1px solid #ddd; /* Subtle border */\n box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.3);\n}\n\n/* Label above code blocks - More visible */\n.chat-message pre::before {\n content: \"payload\";\n display: block;\n font-size: 0.8rem;\n color: #666;\n margin-bottom: 0.75rem;\n font-weight: 600;\n letter-spacing: 0.5px;\n}\n\n/* Syntax highlighting colors (example) */\n.chat-message pre .keyword { color: #569cd6; } /* Blue for keywords */\n.chat-message pre .string { color: #ce9178; } /* Orange for strings */\n.chat-message pre .comment { color: #6a9955; } /* Green for comments */\n.chat-message pre .number { color: #b5cea8; } /* Light green for numbers */\n\n/* Improved scrollbar */\n.chat-message pre::-webkit-scrollbar {\n height: 8px; /* Thicker scrollbar */\n background-color: #2a2a2a;\n}\n.chat-message pre::-webkit-scrollbar-thumb {\n background: #5a5a5a;\n border-radius: 4px;\n}\n\n/* ✍️ Typing Indicator */\n.chat-typing {\n color: var(--chat--color-muted);\n font-style: italic;\n margin-top: 0.5rem;\n animation: blink 1s infinite;\n}\n@keyframes blink {\n 0%, 100% { opacity: 1; }\n 50% { opacity: 0.4; }\n}\n\n/* ⌨️ Input Footer */\n.chat-input-area {\n display: flex;\n padding: var(--chat--spacing);\n border-top: 1px solid var(--chat--color-light-shade-100);\n background: var(--chat--color-white);\n}\n\n.chat-input {\n flex: 1;\n font-family: var(--chat--font-family);\n font-size: var(--chat--font-size);\n background: var(--chat--input--background);\n color: var(--chat--input--text-color);\n border: var(--chat--input--border);\n border-radius: var(--chat--input--border-radius);\n padding: 0.75rem 1rem;\n}\n.chat-input::placeholder {\n color: var(--chat--input--placeholder);\n}\n\n/* 📤 Send Button */\n.chat-send-btn {\n margin-left: 0.75rem;\n background: var(--chat--color-primary);\n color: var(--chat--color-white);\n border: none;\n border-radius: var(--chat--border-radius);\n padding: 0.75rem 1rem;\n cursor: pointer;\n transition: background 0.2s ease-in-out;\n}\n.chat-send-btn:hover {\n background: var(--chat--color-primary-shade-50);\n}\n\n/* 💝 Attribution Below Header */\n.chat-header::after {\n content: \"Made with ❤️ by ethicxl\";\n display: block;\n text-align: right;\n padding: 0.5rem var(--chat--spacing);\n background: var(--chat--color-dark);\n font-size: 0.75rem;\n color: var(--chat--color-medium);\n font-weight: 400;\n font-family: var(--chat--font-family);\n border-bottom: 1px solid rgba(255, 255, 255, 0.08);\n}\n\n/* Remove the problematic positioning */\n.chat-input-area {\n position: static;\n margin-bottom: 0;\n}"
},
"initialMessages": "Hey!\nSend your report's link down below"
},
"typeVersion": 1.1
},
{
"id": "5f51af95-aa06-43f8-b7c9-c5ff5a4298cb",
"name": "H1 报告摘要器",
"type": "@n8n/n8n-nodes-langchain.agent",
"position": [
640,
0
],
"parameters": {
"text": "={{ $json.chatInput }}",
"options": {
"systemMessage": "=You are an expert AI assistant designed for a high-level bug bounty hunter. Your task is to extract and summarize only **unique, high-impact technical insights** from security reports, not general summaries.\n\nTool Calling:\n\n* Before you write anything you must:\n* Call the tool `GET H1 report` exactly once, passing the full URL you received.\n* Parse the returned JSON for report contents (they would be in JSON)\n\nFocus your analysis on:\n- New payloads, edge-case techniques, or chaining methods\n- Root cause analysis with practical pentesting value\n- Workflow insights that save time or increase discovery\n- Snippets that can be reused or adapted (code, diffs, commands)\n- CVSS/impact context only if it reflects real-world exploitation potential\n\nYour tone is concise, factual, and tailored for advanced hunters. Do not include background explanations or definitions.\n\nFormat the output as:\n\n1. **Summary** (1–2 sentence BLUF)\n2. **Techniques**:\n - *Name*: Short tag for the finding (e.g., SSRF via PDF render)\n - *Context*: Where/how the bug was triggered\n - *Technique*: Raw payload, code, diff, or steps\n - *Impact*: What the attacker could achieve\n3. **Pro Tip** (optional): A short insight that can be reused elsewhere\n"
},
"promptType": "define"
},
"typeVersion": 2
},
{
"id": "61f8445f-7789-44ea-8ed8-edd54eba19d7",
"name": "便签",
"type": "n8n-nodes-base.stickyNote",
"position": [
1168,
-128
],
"parameters": {
"color": 4,
"width": 376,
"height": 208,
"content": "## 🎯 工作流目的"
},
"typeVersion": 1
},
{
"id": "19e3ab93-8027-423d-bc98-5d21eb66db2a",
"name": "便签1",
"type": "n8n-nodes-base.stickyNote",
"position": [
0,
-32
],
"parameters": {
"width": 352,
"height": 204,
"content": "### 📨 聊天界面"
},
"typeVersion": 1
},
{
"id": "56c29618-9568-4b8c-aeff-81cfb820bd1f",
"name": "便签 2",
"type": "n8n-nodes-base.stickyNote",
"position": [
640,
-288
],
"parameters": {
"width": 268,
"height": 200,
"content": "### 🧠 主 Agent"
},
"typeVersion": 1
},
{
"id": "3cb80e59-054b-4d8f-8786-e63595b888ec",
"name": "便签 3",
"type": "n8n-nodes-base.stickyNote",
"position": [
320,
352
],
"parameters": {
"width": 248,
"height": 196,
"content": "### 🔧 GEMINI LLM"
},
"typeVersion": 1
},
{
"id": "f0e4251b-f830-47a9-8709-63b37472f9ff",
"name": "便签 4",
"type": "n8n-nodes-base.stickyNote",
"position": [
912,
368
],
"parameters": {
"width": 264,
"height": 200,
"content": "### 📡 HTTP 获取器"
},
"typeVersion": 1
}
],
"active": true,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "8fbd7882-d242-44cd-a45c-ef598ba294d8",
"connections": {
"GET H1 report": {
"ai_tool": [
[
{
"node": "H1 report summarizer",
"type": "ai_tool",
"index": 0
}
]
]
},
"H1 report summarizer": {
"main": [
[]
]
},
"Google Gemini Chat Model": {
"ai_languageModel": [
[
{
"node": "H1 report summarizer",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"When chat message received": {
"main": [
[
{
"node": "H1 report summarizer",
"type": "main",
"index": 0
}
]
]
}
}
}常见问题
如何使用这个工作流?
复制上方的 JSON 配置代码,在您的 n8n 实例中创建新工作流并选择「从 JSON 导入」,粘贴配置后根据需要修改凭证设置即可。
这个工作流适合什么场景?
中级 - 安全运维, AI 摘要总结
需要付费吗?
本工作流完全免费,您可以直接导入使用。但请注意,工作流中使用的第三方服务(如 OpenAI API)可能需要您自行付费。
相关工作流推荐
CVE速览
使用Gemini AI监控新CVE漏洞用于漏洞赏金狩猎并发送Slack警报
Set
Slack
Split Out
+5
12 节点Kunsh
杂项
注重隐私的路由器:增强型PII检测工作流
AI隐私保护路由器:PII检测,保障隐私、安全和合规性
Code
Switch
Agent
+5
20 节点Charles
安全运维
欺诈预订检测器:使用AI识别可疑旅行交易
欺诈预订检测器:使用Google Gemini识别可疑旅行交易
If
Set
Code
+8
20 节点Oneclick AI Squad
安全运维
从非结构化数据到结构化数据
行动计划:使用OpenAI模型处理邮件源和数据表
Data Table
Gmail Trigger
Data Table Tool
+8
16 节点Davide
文档提取
会议记录通知
使用Gemini AI和Slack通知自动化会议笔记摘要
Set
Code
Slack
+9
16 节点Sayone Technologies
AI 摘要总结
通过Tavily和Gemini自动化每周好莱坞电影简报
通过Tavily和Gemini自动化每周好莱坞电影简报
Gmail
Agent
Http Request Tool
+4
11 节点Manav Desai
社交媒体
