n8n Workflow Lifecycle
The six stages
- PLAN. Gather requirements, ask clarifying questions, search for existing workflows / sub-workflows that already do this.
- BUILD. Write SDK code (with skills: subworkflows, node-config, expressions, code-nodes; readability section below).
- VALIDATE. + for connections, then have the user verify per-node credentials and create anything you couldn't (missing credentials, folders, etc).
- TEST. with ; iterate until output matches intent.
- PUBLISH. only after stages 3 and 4 are clean.
- HANDOFF. Production handoff: how to trigger it, what it returns, what to watch, what they should know to use it well.
Skipping a stage produces workflows that look done but break in production, or solve the wrong problem entirely. Three most common skips:
- Build before plan. "User asked for X, I'll start coding" without confirming what X means, whether the same logic already exists as a sub-workflow, or which folder/project it belongs in. Cheaper to ask one clarifying question than to rebuild after.
- Test before user-side wire-up. Running before the user has verified credentials per node hits the wrong service or 401s. Get the user-side setup done as part of VALIDATE.
- Publish without test. Validation passing means the SDK is well-formed; it does NOT mean the workflow is correct.
Non-negotiables
- Validate AND verify before publish. Run on the SDK code, then after every create/update to check the object. Validation alone misses silently dropped wires.
- Surface known limitations to the user. If folders, MCP access, or any other limitation blocks the request, say so explicitly and propose a path. Don't silently dump workflows at the wrong location or report success on a request you couldn't fully fulfill.
- Ask before testing when not-auto-pinned downstreams have side effects. auto-pins triggers, credentialed nodes, and HTTP Request nodes. Everything else (Code, Edit Fields, If, Wait, Execute Command, file ops, sub-workflow calls, Data Tables) runs for real. Ask the user before running if any of those would fire user-visible side effects. See .
Strong defaults
- Test before publish with + . See for mocking by trigger type, pinning individual nodes, and the side-effect surface. Looser for internal one-off scripts you watch run.
- Always include a on
create_workflow_from_code
Validation isn't enough
runs schema and shape checks: missing parameters, type errors, references to non-existent nodes. It does
not catch:
- The -inside- connection trap (silent dropped wires)
- Fan-outs collapsed to a single connection
- Merge index off-by-one
- Error outputs wired without
onError: 'continueErrorOutput'
- Parameters that are syntactically valid but semantically wrong (e.g., wrong sheet ID, wrong column name)
Validation is necessary but not sufficient. The real gate is:
- passes.
- returns a object that matches your intent (see and its ).
- produces the right output on representative pinned data.
For the full pre-publish checklist, see
references/VALIDATION_CHECKLIST.md
.
Naming conventions
Bad names compound: a workflow that's hard to find six months from now gets duplicated.
For full conventions (verb-noun patterns, capitalization, prefixes), read
references/NAMING_CONVENTIONS.md
. Short version:
- Workflows: verb-first, scoped.
Send weekly customer report
- Nodes: describe what they do in this workflow, not the node type. not .
- Sub-workflows: prefix with the domain or for stateless reusable ones.
Subworkflow: Parse RFC2822 date
search_workflows({ query })
references/NAMING_AND_DISCOVERY.md
- Tags: UI-only. The MCP can't read or write tags, so they're for humans browsing the UI. Don't rely on them for AI discovery.
Readability: descriptions, sticky notes, conventions
For any workflow over ~5 nodes, three levers carry the readability load:
- Workflow : capture the why, including AI-derived context. Two sentences: what it does and why it exists. Most importantly, capture context you had during conversation that won't otherwise survive into the file (the constraint that drove the design, why this approach over the alternative, the user's reason for asking). Otherwise it dies with the chat.
- Sticky notes: group nodes by purpose. Use the
n8n-nodes-base.stickyNote
- Node for non-obvious config. Explain why a workaround exists or a Code node does what it does. Don't annotate obvious nodes.
Plus two notes:
- Match existing project conventions before introducing your own. Skim a couple of nearby workflows via + and mirror the sticky palette, naming, and description style.
- Layout is auto-applied on create / update. SDK values for non-sticky nodes are ignored. Stickies and naming are your readability levers.
Folder limitations
The MCP can place a workflow into a folder that already exists. It cannot:
- Create new folders
- Move existing folders
- Move existing workflows between folders
If the user asks for a folder that doesn't exist, say so before building. Don't silently create at the project root and report success. Surface options:
- User creates the folder manually, then you place workflows into it.
- Use a different existing folder.
- Confirm root-level placement is acceptable.
For the full protocol including detecting existing folders via
, read
references/FOLDER_LIMITATIONS.md
.
Per-workflow MCP access
Each workflow has an
flag. The default depends on who created it:
- Workflows created via the MCP (
create_workflow_from_code
- Workflows created in the n8n UI can default to off. Until the user flips the toggle, the workflow is invisible to you.
The #1 case where this bites: the user built a workflow manually in the UI and now wants you to inspect or edit it, but you can't see it. Before assuming it doesn't exist or you're searching the wrong project, ask the user to confirm MCP access is enabled.
Sub-workflows called via MCP: the caller can use them as code-level sub-workflows without the toggle. To invoke as MCP-exposed tools, the toggle is required (and is on by default for MCP-created sub-workflows).
For the full case-by-case guide and user-facing message, read
references/MCP_ACCESS_PER_WORKFLOW.md
.
User-side wire-up (part of stage 3)
There are things the user has to do that you can't, and they need to be done before testing, otherwise the test fires against the wrong credential, hits a missing folder, or 401s. Surface these as a short list during VALIDATE, before TEST:
- Verify credentials per node. is cosmetic. n8n auto-assigns the most recently edited credential of the right type, which silently picks the wrong one when the user has multiples (prod vs staging Gmail, two API keys). Tell them: "open every node that uses a credential and confirm the right one is selected." See
n8n-credentials-and-security
- Create missing credentials. If the user pasted a secret in chat or the workflow needs an account that doesn't exist yet, name the credential type and have them create it in the UI.
- Create missing folders. The MCP can't create folders. If the user wanted a folder that doesn't exist, they create it before you can place the workflow there. See
references/FOLDER_LIMITATIONS.md
- MCP access toggle for user created workflows. Workflows you create via the MCP are MCP-accessible by default. The toggle only matters when the test depends on a UI-created workflow being callable from the MCP. See
references/MCP_ACCESS_PER_WORKFLOW.md
Don't proceed to TEST until these are confirmed done.
Handoff: production handoff (stage 6)
After
and a clean test, the workflow is technically live, but the user still needs enough context to actually
use it in production. Treat this like the freelancer-to-customer handoff: short, structured, and oriented toward how they'll operate it from here.
What to include:
- How it triggers. Webhook URL (live now that it's published), schedule cadence + timezone, manual trigger button, sub-workflow caller, whichever applies. For webhooks, hand them the URL.
- What it returns / where the data goes. One sentence. "Writes new rows to the table," "responds JSON to the caller," "fires the on-call Slack channel."
- How to invoke it for real, with an example. "Hit the webhook with
curl -X POST <url> -d '{...}'
- What to watch. Failure modes that surface as alerts/errors, rate-limit ceilings on upstream services, and where to look first when something breaks (executions tab, error workflow, audit log, etc.).
- MCP access status. If you created the workflow via the MCP, it's already MCP-accessible. Let the user know they can revoke access in Settings if they want to lock it down. If they hand-built it in the UI, they need to flip MCP access on for any other agent to call it.
- Anything still pending on their side. Secret rotation if a token was pasted in chat, follow-up wiring you couldn't reach, known TODOs left in stickies.
Keep it tight: half a dozen bullets, not a wall of text. The user shouldn't have to ask "ok, what now?"
Reference files
| File | Read when |
|---|
references/NAMING_CONVENTIONS.md
| Naming a new workflow, sub-workflow, or node |
references/FOLDER_LIMITATIONS.md
| User mentions a folder, project structure, or wants workflows organized |
references/MCP_ACCESS_PER_WORKFLOW.md
| Building a workflow that you or another agent will call via MCP |
references/VALIDATION_CHECKLIST.md
| Just finished a workflow and about to call |
references/REVIEW_CHECKLIST.md
| Reviewing or auditing an existing workflow (any age, any author). Severity-tiered findings, distinct from the pre-publish validation checklist |
| About to run or , mocking trigger input, side-effect protocol |
Anti-patterns
| Anti-pattern | What goes wrong | Fix |
|---|
| Calling without validating | Broken workflows reach production | Validate, verify connections, then test |
| Skipping after create | Silent connection bugs ship | Always pull the workflow back. See |
| Creating workflows at root because the requested folder doesn't exist | Workflows get lost, and the user has to drag them manually | Surface the limitation before building |
| Generic node names (, ) | Workflows are unreadable a month later | Rename to describe the action |
Missing on create_workflow_from_code
| Workflow invisible in search, no context for maintainers | Always include 1-2 sentences |
| Asking the user to flip the MCP access toggle on a workflow you created via the MCP | Wastes their time, agent-created workflows default to MCP-accessible | Only mention the toggle for UI-created workflows, or when the user wants to revoke MCP access on an agent-created one |
| Running on a workflow with side-effecty non-pinned downstreams without asking | Real Data Table write, real sub-workflow side effects, real Execute Command output, etc. Triggers + credentialed nodes + HTTP get pinned, nothing else does | Ask first. See . |
| No sticky notes on a 15-node workflow | Reader has to read every node to find what they want | Add stickies per logical section. See "Readability" above |
| Sticky titled "Set, If, Set" or sticky-of-every-color | Re-states what's visible / color becomes pure noise | Title with the purpose; one color per category |
description: "Sends Slack."
| Adds nothing visible from the trigger and Slack node | Include why + AI-derived context: "Sends weekly summary to founders. Replaces manual report that kept getting skipped." |
| Designing fan-out branches as if they execute concurrently | n8n runs fan-out branches sequentially, top-to-bottom by Y-position. Total runtime is the sum of branches, not the max | For real concurrency, dispatch via with + waitForSubWorkflow: false
|