@radware/n8n-nodes-radware-agentic-protection
v0.3.1
Published
n8n community node for Radware Agentic AI Protection in-path enforcement
Readme
n8n Radware Agentic AI Protection
This package provides the Radware Chat Model community node for n8n AI Agents.
It is intentionally positioned as an in-path integration only. In n8n, this is the only clean customer deployment pattern that can protect the AI Agent interaction as a full model path: AI Guardrails for prompts and responses, plus Behavioral / Agentic Protection when tool context is present in the model request.
Out-of-path is not exposed as a public node in this package. n8n community nodes cannot globally intercept every native AI Agent tool or workflow action before execution. An explicit guard node can protect only the actions a customer manually routes through it, which is not a full one-go n8n AI Agent protection deployment.
Installation
Install in n8n (recommended)
- In n8n, go to Settings -> Community Nodes.
- Click Install.
- Enter the package name:
@radware/n8n-nodes-radware-agentic-protection. - Agree to the community node risk notice.
- Click Install and wait for n8n to finish installing the package.
Self-hosted / manual install (alternative)
For self-hosted instances where you manage packages directly:
npm install @radware/n8n-nodes-radware-agentic-protectionRestart the n8n instance after a manual install so it picks up the new node.
Migrating from the legacy package
The official Radware package replaces the legacy unscoped package
n8n-nodes-radware-agentic-protection.
- Export or back up important workflows before changing community packages.
- Uninstall the legacy package from Settings -> Community Nodes.
- Install
@radware/n8n-nodes-radware-agentic-protection. - Open each protected workflow and confirm
Radware Chat Modelis connected to the AI Agent. - Re-select the existing
Radware In-Path APIcredential if n8n asks for it, then run a benign test and a policy-block test.
The Radware API credential itself does not change. The package scope changes the n8n node type identifier, so existing workflows must be checked after migration.
Credential
Create a Radware homegrown agent with in-path enforcement in Radware Cloud:
https://console.radwarecloud.com/Getting your Radware API key
Your Radware API key is created in the Radware Cloud portal (
console.radwarecloud.com) when you add a Homegrown Agent with In-Path Enforcement. The key starts withsk-rdwr-and is displayed only once, at creation time. Copy it and store it securely (a secret manager or your n8n credential store) immediately — Radware cannot show it to you again.
Then create Radware In-Path API credentials in n8n:
Radware API Key: API key copied from the Radware in-path homegrown agent.Provider: provider segment Radware forwards to, such asopenai,anthropic,google, or custom.Resolved Base URL: optional full base URL. If empty, the node useshttps://api.agentic.radwarecto.com/v1/<provider>.
Do not store Radware keys in workflow JSON, screenshots, Git, or validation reports.
Node
Radware Chat Model
Use this node as the LLM model connection for n8n AI Agents. The AI Agent sends model traffic to Radware instead of directly to OpenAI, Gemini, Anthropic, or another provider. Radware applies Agentic AI Protection and proxies the request to the provider configured for the Radware homegrown agent.
Typical canvas:
Chat Trigger -> AI Agent
^
Radware Chat ModelDirect OpenAI/Gemini/etc. model credentials are not used by that AI Agent path. The customer configures the upstream provider in Radware Cloud.
Coverage
- AI Guardrails: prompt, response, topic, HAPBlocker, and PII controls through the in-path model request/response.
- Behavioral / Agentic Protection: unsafe tool/action detection when the AI Agent's model request includes the relevant tool definitions and tool-call context.
For Behavioral validation, use a deterministic tool-call case where the model request includes the prior tool output and all relevant tools, for example read_email and send_email.
Example
examples/in-path-agent-model-example.json: AI Agent usingRadware Chat Modelas its in-path model.
Validation
Minimum validation:
- Benign prompt is allowed.
- Credit-card PII prompt is blocked by AI Guardrails.
- HAPBlocker prompt is blocked by AI Guardrails.
- Medical/medicine blocked-topic prompt is blocked by AI Guardrails.
- Benign tool action is allowed.
- Malicious tool action is blocked by Behavioral / Agentic Protection when full tool context is present.
See docs/validation.md.
Security Notes
- The package has no runtime dependencies.
- The package exposes only the in-path language model node for n8n customers.
- In-path is fail-close by default: if Radware/provider connectivity fails, the AI Agent model turn fails rather than silently calling an unprotected provider.
