The AI-Powered n8n Workflow Marketplace & Hosting Platform
Discover, audit, purchase, and deploy automation workflows —
secured by AI and settled natively on the Injective blockchain.
Live Platform · API Docs · Get Started
This is the core of what makes Inject different — every single workflow on the platform is automatically analyzed by our advanced AI engine before it becomes publicly visible.
When a seller uploads an n8n workflow JSON file, the backend immediately runs it through a multi-stage AI pipeline:
Stage 1 — Structural Parsing
The engine first parses the raw n8n workflow JSON to extract structured metadata:
- All node names and node types (HTTP Request, Code, Webhook, etc.)
- The number of connections between nodes
- Any credential types required (e.g.
telegramApi,openAiApi,slackOAuth2Api) - Whether the workflow contains HTTP request nodes and what domains they target
- Whether it contains custom code/function nodes (higher risk)
- Whether it uses webhook triggers
Stage 2 — AI Analysis
This structured metadata (not the raw JSON, which could be huge) is sent to our AI model with a security-auditor system prompt. The AI is asked to return a structured JSON response containing:
{
"score": 87,
"risk_level": "low",
"issues": ["Makes external HTTP requests — verify target domains"],
"summary": "A plain-English paragraph buyers can read to understand what this workflow does and any risks",
"setup_instructions": "Step-by-step guide: what credentials to get, where to get them, how to run the workflow",
"credential_details": [
{
"name": "telegramApi",
"display_name": "Telegram Bot Token",
"description": "Used to send alerts to a Telegram channel",
"how_to_get": "1. Open Telegram and search @BotFather..."
}
]
}Stage 3 — Intelligent Fallback
If the AI engine is unavailable or times out (30-second hard limit), the engine falls back to a rule-based scoring system that applies deterministic deductions:
-15for custom code/function nodes-10for unvalidated HTTP request nodes-20for credential types that handle private keys or secrets-30for seller instructions that mention mnemonic phrases or private key handling
Stage 4 — Results Stored & Displayed
The verification results are written back to the database asynchronously. Every workflow listing page then prominently shows:
- A Security Score (0–100) with a visual progress bar
- A Risk Level badge (
Low/Medium/High) - The AI-generated plain-English summary of what the workflow does
- A list of flagged issues (if any)
- Credential setup guides — step-by-step instructions for every API key or token required
In the existing n8n ecosystem, workflows are shared as raw JSON files with no security review whatsoever. A malicious workflow could silently exfiltrate credentials or send data to unverified endpoints. Inject solves this by making AI-powered security auditing the mandatory entry point for every listing.
Inject uses the Injective Protocol as its native payment and settlement layer. The integration is deep and functional, not cosmetic.
There are no email/password accounts on Inject. Your Injective wallet address is your identity. The platform supports three non-custodial wallets:
- Keplr — Most popular Cosmos wallet
- Ninji — Built natively for Injective
- Leap — Multi-chain Cosmos wallet
The frontend uses @injectivelabs/wallet-ts and @injectivelabs/sdk-ts for wallet connections, message signing, and transaction broadcasting.
When a buyer purchases a workflow:
- The buyer's wallet signs and broadcasts a bank
MsgSendtransaction on the Injective chain, paying the seller's wallet address directly in INJ - A 1% platform fee is automatically split and sent to the platform wallet in the same transaction flow
- The buyer copies the transaction hash and submits it to our backend API
The backend independently verifies every transaction hash against the live Injective chain before recording a purchase. It confirms:
- The transaction hash exists and was successful
- The correct sender and recipient wallet addresses
- The amount paid matches or exceeds the workflow's listed price in INJ
- The transaction has not been used to unlock a previous purchase (replay protection)
The platform fetches live INJ balances from the Injective LCD REST endpoint and displays them in real-time in the navigation bar header, so users always know their available balance before purchasing.
Testnet: injective-888 | https://testnet.sentry.lcd.injective.network
Mainnet: injective-1 | (switch via INJECTIVE_CHAIN_ID env variable)
Inject is a full-stack marketplace platform for n8n automation workflows — not exclusively crypto tools. Any n8n workflow is eligible: e-commerce bots, email pipelines, social media schedulers, Slack notification systems, AI assistants, data transformers, and more.
The three core user flows:
Connect Wallet -> Browse Marketplace -> Read AI Audit Report
-> Pay with INJ -> Access Template -> Deploy to Managed Server
Connect Wallet -> Export Workflow JSON from n8n
-> Upload to Inject -> AI Audit Runs Automatically
-> Set Price in INJ -> Listing Goes Live -> Receive Payments
Purchase a Workflow -> Open Vault -> Click "Run Workflow"
-> Inject spins up an isolated n8n Docker container via Render API
-> Receive unique n8n login credentials -> Access live workflow instance
| Feature | Description |
|---|---|
| AI Security Audit | Every upload is analyzed by AI — risk score, issues, setup guide |
| Workflow Marketplace | Browse, search, and filter verified n8n templates by category |
| Native INJ Payments | Non-custodial on-chain payments via Keplr, Ninji, or Leap |
| On-Chain Verification | Backend verifies every tx hash against live Injective chain |
| One-Click Deploy | Spin up a private n8n server for any purchased workflow in one click |
| Encrypted Vault | AES-256 encrypted credential store tied to your wallet identity |
| Seller Dashboard | Analytics, listing management, and earnings overview for sellers |
| Rate Limiting | 200 req/min per IP via slowapi to prevent abuse |
| SHA-256 Integrity Hashing | Workflow files are fingerprinted on upload for tamper detection |
| Fully Responsive | Mobile-first design, works on all device sizes |
+-------------------------------------------------------------+
| React 19 Frontend |
| Vite * Tailwind CSS * React Router |
+--------------------------+----------------------------------+
| HTTPS REST
+------------v--------------+
| FastAPI Backend (Python)|
| Uvicorn * SlowAPI (RLS) |
+---+------+------+---------+
| | |
+------------v+ +--v--+ +----------------------+
| Supabase | | AI | |
| PostgreSQL | |Engi-| +----------------v---+
| + Storage | | ne | | Injective Protocol |
| + RLS Auth | +-----+ | (LCD REST / GRPC) |
+-------------+ +--------------------+
|
+------------------v--------------+
| Render.com n8n Docker Hosting |
| Per-purchase isolated instances|
+---------------------------------+
| Layer | Technology |
|---|---|
| Frontend | React 19, Vite, Tailwind CSS |
| Wallet SDK | @injectivelabs/wallet-ts, @injectivelabs/sdk-ts |
| Backend | Python 3.12, FastAPI, Uvicorn |
| AI Engine | Advanced AI Model |
| Database | Supabase (PostgreSQL) + Supabase Storage |
| Blockchain | Injective Protocol — Testnet injective-888 |
| Encryption | Python cryptography (Fernet / AES-256) for vault secrets |
| Deployment | Render.com (Docker backend + static frontend) |
| n8n Hosting | Render REST API — Docker container per user |
| Rate Limiting | slowapi — 200 req/min per IP |
inject/
|-- backend/
| |-- main.py # FastAPI entry point, CORS, rate limiting
| |-- config.py # All settings loaded from environment variables
| |-- database.py # Supabase + SQLite fallback data access layer
| |-- models.py # Pydantic request/response models
| |-- schema.sql # Full Supabase schema + RLS policies
| |-- requirements.txt # Python dependencies
| |-- Dockerfile # Production Docker image
| |-- .env.example # All required environment variables (template)
| |-- routers/
| | |-- workflows.py # Upload, list, search, delete workflows
| | |-- purchases.py # Purchase flow + on-chain tx verification
| | |-- vault.py # Encrypted credential store
| | |-- deploy.py # n8n container deployment via Render API
| | `-- injective.py # Injective chain proxy (balance, tx lookup)
| `-- services/
| |-- ai_verifier.py # AI analysis engine
| |-- render_client.py # Render REST client for n8n deployments
| `-- encryption.py # AES-256 vault secret encryption
|
|-- frontend/
| `-- src/
| |-- main.jsx # App entry point + route definitions
| |-- index.css # Global design system (CSS variables)
| |-- pages/
| | |-- Landing.jsx # Homepage — features, roadmap, featured listings
| | |-- Connect.jsx # Wallet connection + onboarding
| | |-- Marketplace.jsx # Searchable workflow catalogue
| | |-- WorkflowDetail.jsx # Listing page with AI audit report + purchase
| | |-- Dashboard.jsx # Seller analytics + workflow management
| | `-- Vault.jsx # Buyer vault — purchases, credentials, deployments
| |-- context/
| | `-- WalletContext.jsx # Global wallet state (address, balance)
| `-- services/
| `-- api.js # Typed API client for all backend endpoints
|
|-- render.yaml # Render Blueprint — one-click deploy both services
`-- README.md
-- AI-audited workflow listings
workflows (id, seller_address, name, description, price_inj, category,
workflow_file_url, workflow_hash, verified, verification_score,
risk_level, ai_summary, node_count, credential_details, ...)
-- On-chain verified purchases
purchases (id, workflow_id, buyer_address, tx_hash, amount_paid,
platform_fee, seller_received, purchased_at)
-- AES-256 encrypted credential store
vault_secrets (id, user_address, provider_label, encrypted_value, created_at)
-- n8n deployment tracking
deployments (id, user_address, workflow_id, render_service_id, render_url,
status, created_at)All tables have Row Level Security (RLS) enabled. The backend accesses Supabase using the service role key. The browser never touches the database directly.
Interactive Swagger docs: https://inject-x0h9.onrender.com/docs
| Method | Endpoint | Description |
|---|---|---|
GET |
/health |
Service status (Supabase, AI Engine, Render, Injective) |
GET |
/api/workflows |
Paginated workflow marketplace listings |
POST |
/api/workflows/upload |
Upload workflow — triggers AI audit |
GET |
/api/workflows/{id} |
Full listing with AI audit results |
POST |
/api/purchases/verify |
Verify on-chain INJ tx + record purchase |
GET |
/api/purchases/{address} |
Buyer's purchase history |
GET |
/api/vault/secrets/{address} |
List encrypted credentials |
POST |
/api/vault/secrets |
Store new encrypted credential |
POST |
/api/deploy |
Deploy workflow to managed n8n instance |
GET |
/api/deploy/status/{id} |
Poll deployment status |
GET |
/api/injective/balances/{address} |
Live INJ wallet balance from chain |
GET |
/api/injective/tx/{hash} |
Verify transaction on Injective chain |
- Python 3.11+
- Node.js 18+
- Supabase project
- API key for the AI Engine
- Keplr, Ninji, or Leap wallet (Injective Testnet)
In your Supabase SQL Editor, run the full contents of backend/schema.sql. This creates all tables, indexes, RLS policies, and the workflow-files storage bucket.
cd backend
python -m venv venv && source venv/bin/activate # Windows: venv\Scripts\activate
pip install -r requirements.txt
cp .env.example .env # Fill in your keys
uvicorn main:app --reload --port 8000
# API: http://localhost:8000
# Docs: http://localhost:8000/docscd frontend
npm install
echo "VITE_API_URL=http://localhost:8000" > .env
npm run dev
# App: http://localhost:5173| Variable | Required | Description |
|---|---|---|
SUPABASE_URL |
Yes | Supabase project URL |
SUPABASE_KEY |
Yes | Supabase anon key |
SUPABASE_SERVICE_KEY |
Yes | Supabase service role key |
GEMINI_API_KEY |
Yes | API key — powers AI auditing |
AI_MODEL |
No | AI model |
RENDER_API_KEY |
No | Render API key for n8n deployments |
RENDER_OWNER_ID |
No | Render account owner ID |
PLATFORM_WALLET |
Yes | Your INJ wallet address to receive fees |
PLATFORM_FEE_PERCENT |
No | Fee percentage per sale (default: 1) |
ENCRYPTION_SECRET |
Yes | 32+ char hex secret for vault AES-256 encryption |
INJECTIVE_CHAIN_ID |
No | injective-888 (testnet) or injective-1 (mainnet) |
FRONTEND_URL |
Yes | Frontend URL for CORS whitelist |
Never commit
.envto version control. It is already in.gitignore.
Generate a secure encryption secret:
python -c "import secrets; print(secrets.token_hex(32))"| Variable | Required | Description |
|---|---|---|
VITE_API_URL |
Yes | Backend API URL |
VITE_INJECTIVE_CHAIN_ID |
No | Chain ID for wallet SDK |
The repo ships with a render.yaml Blueprint for one-command cloud deployment.
Deploy to Render:
- Fork this repo to your GitHub
- Go to Render Dashboard -> New -> Blueprint
- Connect the repo — Render reads
render.yamlautomatically - Fill in the secret environment variables when prompted
- Click Apply — backend and frontend deploy simultaneously
Manual Docker (backend only):
docker build -t inject-backend ./backend
docker run -p 8000:8000 --env-file ./backend/.env inject-backend| Feature | Status |
|---|---|
| AI-Powered Workflow Security Auditing | Live |
| n8n Workflow Marketplace | Live |
| Native INJ Payments + On-Chain Verification | Live |
| Encrypted Credential Vault | Live |
| One-Click n8n Hosting (Render) | Live (Beta) |
| Native Hosted Deployment Plans (in-app billing) | In Development |
| Workflow Design Studio (in-browser n8n editor) | In Development |
| Multi-Chain Support (Ethereum, Solana, Cosmos) | Planned |
| Subscription-based workflow access | Planned |
MIT License — see LICENSE for details.