Angel Menendez
Angel Menendez is a Staff Developer Advocate at n8n.io, specializing in low-code tools for cybersecurity workflows. From Puerto Rico, Angel's tech journey began by helping his father translate technical books. He later started a web development business and transitioned from a career as a flight attendant to cybersecurity engineering. His workflows have saved companies significant time. Outside work, Angel enjoys time with his two sons, riding electric bikes, reading, and exploring new places.
Categories
Templates by Angel Menendez
IT ops AI SlackBot workflow - chat with your knowledge base
Video Demo: Click here to see a video of this workflow in action. Summary Description: The "IT Department Q&A Workflow" is designed to streamline and automate the process of handling IT-related inquiries from employees through Slack. When an employee sends a direct message (DM) to the IT department's Slack channel, the workflow is triggered. The initial step involves the "Receive DMs" node, which listens for new messages. Upon receiving a message, the workflow verifies the webhook by responding to Slack's challenge request, ensuring that the communication channel is active and secure. Once the webhook is verified, the workflow checks if the message sender is a bot using the "Check if Bot" node. If the sender is identified as a bot, the workflow terminates the process to avoid unnecessary actions. If the sender is a human, the workflow sends an acknowledgment message back to the user, confirming that their query is being processed. This is achieved through the "Send Initial Message" node, which posts a simple message like "On it!" to the user's Slack channel. The core functionality of the workflow is powered by the "AI Agent" node, which utilizes the OpenAI GPT-4 model to interpret and respond to the user's query. This AI-driven node processes the text of the received message, generating an appropriate response based on the context and information available. To maintain conversation context, the "Window Buffer Memory" node stores the last five messages from each user, ensuring that the AI agent can provide coherent and contextually relevant answers. Additionally, the workflow includes a custom Knowledge Base (KB) tool (see that tool template here) that integrates with the AI agent, allowing it to search the company's internal KB for relevant information. After generating the response, the workflow cleans up the initial acknowledgment message using the "Delete Initial Message" node to keep the conversation thread clean. Finally, the generated response is sent back to the user via the "Send Message" node, providing them with the information or assistance they requested. This workflow effectively automates the IT support process, reducing response times and improving efficiency. To quickly deploy the Knowledge Ninja app in Slack, use the app manifest below and don't forget to replace the two sample urls: { "display_information": { "name": "Knowledge Ninja", "description": "IT Department Q&A Workflow", "background_color": "005e5e" }, "features": { "bot_user": { "display_name": "IT Ops AI SlackBot Workflow", "always_online": true } }, "oauth_config": { "redirect_urls": [ "Replace everything inside the double quotes with your slack redirect oauth url, for example: https://n8n.domain.com/rest/oauth2-credential/callback" ], "scopes": { "user": [ "search:read" ], "bot": [ "chat:write", "chat:write.customize", "groups:history", "groups:read", "groups:write", "groups:write.invites", "groups:write.topic", "im:history", "im:read", "im:write", "mpim:history", "mpim:read", "mpim:write", "mpim:write.topic", "usergroups:read", "usergroups:write", "users:write", "channels:history" ] } }, "settings": { "event_subscriptions": { "request_url": "Replace everything inside the double quotes with your workflow webhook url, for example: https://n8n.domain.com/webhook/99db3e73-57d8-4107-ab02-5b7e713894ad", "bot_events": [ "message.im" ] }, "orgdeployenabled": false, "socketmodeenabled": false, "tokenrotationenabled": false } }
By Angel MenendezBackup n8n workflows to Google Drive
Temporary solution using the undocumented REST API for backups using Google drive. Please note that there are issues with this workflow. It does not support versioning, so please know that it will create multiple copies of the workflows so if you run this daily it will make the folder grow quickly. Once I figure out how to version in Gdrive I'll update it here.
By Angel MenendezAnalyze email headers for IP reputation and spoofing detection - Gmail
Analyze Emails for Security Insights Who is this for? This workflow is ideal for IT professionals, security analysts, and organizations looking to enhance their email security practices. It is particularly useful for those who need to analyze Gmail email headers for IP tracking, spoofing detection, and sender reputation assessment. What problem is this workflow solving? Email spoofing and phishing attacks are significant cybersecurity threats. By analyzing email headers, this workflow provides detailed insights into the email's origin, authentication status, and the reputation of the sending IP address. It helps detect potential spoofing attempts and assess the trustworthiness of incoming emails. What this workflow does This n8n workflow automates the process of analyzing email headers received in Gmail. It performs the following key functions: Triggering and Email Header Extraction: It monitors Gmail inboxes for new emails and extracts their headers for analysis. Authentication Analysis: It validates SPF, DKIM, and DMARC authentication results to ensure the email adheres to industry-standard security protocols. IP Analysis: The workflow extracts the originating IP address and evaluates its reputation and geographic details using external APIs. Reputation Scoring: It integrates with IP Quality Score to detect spam activity and assess the sender's reputation. Consolidation and Webhook Response: All results are aggregated into a single JSON response, making it easy to integrate with third-party platforms or tools for further automation. Setup Authenticate Gmail: Configure the Gmail Trigger node with your Gmail account credentials. API Keys (Optional): Obtain an API key for IP Quality Score (https://ipqualityscore.com). Ensure the IP-API endpoint is accessible. This step is optional as ipqualityscore.com will provide a limited number of free lookups each month. See more details here. Activate the Workflow: Ensure the workflow is active to process incoming emails in real-time. How to customize this workflow to your needs Add Alerts: Use the Gmail - Respond to Webhook node to trigger notifications in Slack, email, or any other communication channel. Integrate with SIEM: Forward the workflow output to SIEM tools like Splunk or ELK Stack for further analysis. Modify Validation Rules: Update SPF, DKIM, or DMARC logic in the Set nodes to align with your organization’s security policies. Expand IP Analysis: Add more APIs or services to enrich IP reputation data, such as VirusTotal or AbuseIPDB. --- This workflow provides a robust foundation for email security monitoring and can be tailored to fit your organization's unique requirements. With its modular design and integration options, it’s a versatile tool to enhance your cybersecurity operations.
By Angel MenendezEvaluate tool usage accuracy in multi-agent AI workflows using evaluation nodes
Who's it for ------------ This workflow is ideal for AI developers running multi-agent systems in n8n who need to quantitatively evaluate tool usage behavior. If you're building autonomous agents and want to verify their decisions against ground-truth expectations, this workflow gives you plug-and-play observability. What it does ------------ This template uses n8n's built-in Evaluation Trigger and Evaluation nodes to assess whether an AI agent correctly used all the expected tools. It supports: Dataset-driven testing of agent behavior Logging actual tools to compare them with the expected tools Assigning performance metrics (tool_called = true/false) Persisting output back to Google Sheets for further debugging The workflow can be triggered by either the chat input or the dataset row evaluation. It routes through a multi-tool agent node powered by the best LLMs. The agent has access to tools such as web search, calculator, vector search, and summarizer tools. The workflow then aims to validate tool use decisions by extracting the intermediate steps from the agent (i.e., action + observation) and comparing the tools that were called with the expected tools. If the tools that were called during the workflow execution match, then it's a pass; otherwise, it's documented as a fail. The evaluation nodes take care of that process. How to set it up ---------------- Connect your Google Sheets OAuth2 credential. Replace the document with your own test dataset. Set your desired models and configure the different agent tools, such as the summarizer and vector store. The default vector store used is Qdrant, so the user must create this vector store with a few samples of queries + web search results. Run from either the chat trigger or the evaluation trigger to test. Requirements ------------ Google Sheets OAuth2 credential OpenRouter / OpenAI credentials for AI agents and embeddings Firecrawl and Qdrant credentials for web + vector search How to customize ---------------- Edit the Search Agent system message to define tool selection behavior Add more metric columns in the Evaluation node for complex scoring Add new tool nodes and link them to the agent block Swap in your own summarizer
By Angel MenendezVoiceflow demo support chatbot
Submission Overview for Voiceflow Demo Workflow View the YouTube video for this workflow here. Who is this for? This workflow is ideal for businesses and developers using Voiceflow to power AI voice chatbots. It benefits teams that want to enhance chatbot functionality through integrations with platforms like Zendesk, Google Calendar, and Airtable. What problem is this workflow solving? The workflow addresses the need for seamless integration of chatbot interactions with backend systems. It automates customer service tasks such as ticket creation, meeting scheduling, and data reporting, reducing manual effort and enhancing efficiency. What does this workflow do? Customer Lookup: Checks the database for existing customers and returns relevant details or a "NOT_FOUND" status. Zendesk Ticket Creation: Automates the creation of support tickets for customer issues. Meeting Scheduling: Integrates with Google Calendar to provide availability and schedule meetings. Transcript Reporting: Aggregates interaction data and sends it to Airtable for analysis by the product team. Setup Configure your Voiceflow chatbot to connect to this workflow via a webhook. Set up the required integrations: Zendesk API: For ticket creation. Google Calendar API: For scheduling. Airtable API: For storing transcripts. Customize the workflow's nodes to match your use case, such as database fields or API endpoints. Deploy the workflow on your n8n instance and test the integrations. How to customize this workflow to your needs Adjust database queries to match your customer data schema. Modify the Zendesk ticket payload to include additional fields or custom formats. Update Google Calendar configurations for different scheduling requirements. Add or remove Airtable fields based on the product team's analysis needs. This template adheres to n8n’s submission guidelines, ensuring clarity, relevance, and broad applicability for users in customer service, product development, and automation.
By Angel MenendezAnalyze & sort suspicious email contents with ChatGPT
Analyze & Sort Suspicious Email Contents with ChatGPT and Jira Who is this for? This workflow is tailored for IT security teams, managed service providers (MSPs), and organizations aiming to streamline the detection and reporting of phishing emails. It's especially useful for teams handling high email volumes and requiring quick, automated analysis. What problem is this workflow solving? Phishing emails pose a significant cybersecurity threat, and manual review processes are time-consuming and prone to human error. This workflow automates the identification of malicious emails, provides AI-driven insights, and generates structured reports, enabling faster and more efficient responses to email-based threats. What this workflow does This workflow integrates Gmail or Microsoft Outlook to monitor and capture incoming emails. It processes the email content and headers, converts the email's body to a visual screenshot for clarity, and uses ChatGPT's advanced AI to analyze the email for phishing indicators. Based on the analysis, it categorizes emails as potentially malicious or benign, creating detailed Jira tickets for each case. Attachments, including the email body and screenshots, are automatically uploaded for comprehensive reporting. Key steps include: Email Integration: Captures emails from Gmail or Microsoft Outlook. Content Processing: Extracts and organizes email content and metadata. AI Analysis: Uses ChatGPT to evaluate email content and headers. Classification: Categorizes emails as malicious or benign. Automated Reporting: Creates Jira tickets with detailed analysis and attachments. Setup Authentication: Configure Gmail or Microsoft Outlook credentials in n8n. API Keys: Add credentials for the HTML screenshot service (hcti.io) and OpenAI. Jira Configuration: Set up project and issue types in the Jira nodes. Customization: Update sticky notes and nodes to fit your organizational requirements, such as modifying the AI prompt or Jira ticket fields. How to customize this workflow to your needs Adjust email triggers to include or exclude specific senders or subjects. Refine the AI prompt in the ChatGPT node to tailor phishing detection criteria. Modify Jira ticket content to include additional fields or match specific workflows. This workflow is ideal for automating email threat detection, reducing response times, and enhancing overall cybersecurity processes. By leveraging AI-powered insights, it helps organizations stay ahead of phishing attacks.
By Angel MenendezKB tool - Confluence knowledge base
Enhance Query Resolution with the Knowledge Base Tool! Our KB Tool - Confluence KB is crafted to seamlessly integrate into the IT Ops AI SlackBot Workflow, enhancing the IT support process by enabling sophisticated search and response capabilities via Slack. Workflow Functionality: Receive Queries: Directly accepts user queries from the main workflow, initiating a dynamic search process. AI-Powered Query Transformation: Utilizes OpenAI's models or local ai to refine user queries into searchable keywords that are most likely to retrieve relevant information from the Knowledge Base. Confluence Integration: Executes searches within Confluence using the refined keywords to find the most applicable articles and information. Deliver Accurate Responses: Gathers essential details from the Confluence results, including article titles, links, and summaries, preparing them to be sent back to the parent workflow for final user response. To view a demo video of this workflow in action, click here. Quick Setup Guide: Ensure correct configurations are set for OpenAI and Confluence API integrations. Customize query transformation logic as per your specific Knowledge Base structure to improve search accuracy. Need Help? Dive into our Documentation or get support from the Community Forum! Deploy this tool to provide precise and informative responses, significantly boosting the efficiency and reliability of your IT support workflow.
By Angel MenendezAnalyze email headers for IP reputation and spoofing detection - Outlook
Analyze Emails for Security Insights Who is this for? This workflow is ideal for security teams, IT Ops professionals, and managed service providers (MSPs) responsible for monitoring and validating email traffic. It’s especially useful for organizations that need to identify potential phishing attempts, spam, or compromised accounts by analyzing email headers and IP reputation. --- What problem is this workflow solving? This workflow helps identify malicious or suspicious emails by verifying email authentication headers (SPF, DKIM, DMARC) and analyzing the reputation of the originating IP address. By automating these checks, it reduces manual analysis time and flags potential threats efficiently. --- What this workflow does Email Monitoring: Polls a specified Microsoft Outlook folder for new emails in real-time. Header Analysis: Retrieves and processes email headers to extract critical information such as authentication results and the sender’s IP address. IP Reputation Check: Leverages external APIs (IP Quality Score and IP-API) to analyze the originating IP for potential spam or malicious activity. Authentication Validation: Validates SPF, DKIM, and DMARC headers, determining if the email passes industry-standard authentication protocols. Data Aggregation and Reporting: Combines all analyzed data into a unified format, ready for reporting or integration into downstream systems. Webhook Integration: Outputs the findings via a webhook, enabling integration with alerting tools or security information and event management (SIEM) platforms. --- Setup Connect to Outlook: Configure the Microsoft Outlook trigger node with valid OAuth2 credentials. Specify the email folder to monitor for new messages. API Keys (Optional): Obtain an API key for IP Quality Score (https://ipqualityscore.com). Ensure the IP-API endpoint is accessible. This step is optional as ipqualityscore.com will provide a limited number of free lookups each month. See more details here. Webhook Configuration: Set up a webhook endpoint to receive the output of the workflow. Optional Adjustments: Customize polling intervals in the trigger node. Modify header filters or extend the validation logic as needed. --- How to customize this workflow to your needs Add Alerts: Use the Respond to Webhook node to trigger notifications in Slack, email, or any other communication channel. Integrate with SIEM: Forward the workflow output to SIEM tools like Splunk or ELK Stack for further analysis. Modify Validation Rules: Update SPF, DKIM, or DMARC logic in the Set nodes to align with your organization’s security policies. Expand IP Analysis: Add more APIs or services to enrich IP reputation data, such as VirusTotal or AbuseIPDB. --- This workflow provides a robust foundation for email security monitoring and can be tailored to fit your organization's unique requirements. With its modular design and integration options, it’s a versatile tool to enhance your cybersecurity operations.
By Angel MenendezAnalyze suspicious email contents with ChatGPT Vision
Phishing Email Detection and Reporting with n8n Who is this for? This workflow is designed for IT teams, security professionals, and managed service providers (MSPs) looking to automate the process of detecting, analyzing, and reporting phishing emails. What problem is this workflow solving? Phishing emails are a significant cybersecurity threat, and manually detecting and reporting them is time-consuming and prone to errors. This workflow streamlines the process by automating email analysis, generating detailed reports, and logging incidents in a centralized system like Jira. What this workflow does This workflow automates phishing email detection and reporting by integrating Gmail and Microsoft Outlook email triggers, analyzing the content and headers of incoming emails, and generating Jira tickets for flagged phishing emails. Here’s what happens: Email Triggers: Captures incoming emails from Gmail or Microsoft Outlook. Email Analysis: Extracts email content, headers, and metadata for analysis. HTML Screenshot: Converts the email’s HTML body into a visual screenshot. AI Phishing Detection: Leverages ChatGPT to analyze the email and detect potential phishing indicators. Jira Integration: Automatically creates a Jira ticket with detailed analysis and attaches the email screenshot for review by the security team. Customizable Reports: Includes options to customize ticket descriptions and adapt the workflow to organizational needs. Setup Authentication: Set up Gmail and Microsoft Outlook OAuth credentials in n8n to access your email accounts securely. API Keys: Add API credentials for the HTML screenshot service (hcti.io) and ChatGPT. Jira Integration: Configure your Jira project and issue types in the workflow. Workflow Configuration: Update sticky notes and nodes to include any additional setup or configuration details unique to your system. How to customize this workflow to your needs Email Filters: Modify email triggers to filter specific subjects or sender addresses. Analysis Scope: Adjust the ChatGPT prompt to refine phishing detection logic. Integration: Replace Jira with your preferred ticketing system or modify the ticket fields to include additional information. This workflow provides an end-to-end automated solution for phishing email management, enhancing efficiency and reducing security risks. It’s perfect for teams looking to minimize manual effort and improve incident response times.
By Angel MenendezSync Google Calendar tasks to Trello every day
This workflow will allow you at the beginning of each day to copy your google calendar events into Trello so you can take notes, label, or automate your tasks. When deploying this, don't forget to change: Label ID for meeting type under "Create Trello Cards". You should be able to find instructions Here on how to find the label ID. Description for Trello cards under "Create Trello Cards". I currently pull in notes but it should be simple to change to pull the Gcal description instead. You can change the trigger time to fire at a different time.
By Angel MenendezQualys vulnerability trigger scan subWorkflow
This workflow is triggered by a parent workflow initiated via a Slack shortcut. Upon activation, it collects input from a modal window in Slack and initiates a vulnerability scan using the Qualys API. Key Features Trigger: Launched by a parent workflow through a Slack shortcut with modal input. API Integration: Utilizes the Qualys API for vulnerability scanning. Data Conversion: Converts XML scan results to JSON for further processing. Loop Mechanism: Continuously checks the scan status until completion. Slack Notifications: Posts scan summary and detailed results to a specified Slack channel. Workflow Nodes Start VM Scan in Qualys: Initiates the scan with specified parameters. Convert XML to JSON: Converts the scan results from XML format to JSON. Fetch Scan Results: Retrieves scan results from Qualys. Check if Scan Finished: Verifies whether the scan is complete. Loop Mechanism: Handles the repetitive checking of the scan status. Slack Notifications: Posts updates and results to Slack. Relevant Links Qualys API Documentation Qualys Platform Documentation Parent workflow link Link to Report Generator Subworkflow
By Angel MenendezCallForge - 04 - AI workflow for Gong.io sales calls
--- CallForge - AI Gong Sales Call Processing Workflow Automate your Gong.io sales call analysis with AI-driven insights, real-time tracking, and structured CRM integration. Who is This For? This workflow is designed for: ✅ Sales teams looking to automate sales call processing. ✅ Revenue operations (RevOps) professionals managing high volumes of call data. ✅ AI-driven sales intelligence teams using Gong.io for data-driven insights. What Problem Does This Workflow Solve? Manually managing and analyzing large volumes of Gong call data is time-consuming and error-prone. With CallForge, you can: ✔ Automate call processing to scale AI-driven insights. ✔ Integrate with Notion to track and organize sales call data efficiently. ✔ Get real-time Slack updates to stay informed on call processing progress. ✔ Handle API failures gracefully, allowing easy reruns if a rate limit is hit. ✔ Ensure AI-ready analysis, feeding structured call data into an AI-powered system. What This Workflow Does Triggers on New Gong Calls Captures new Gong calls and retrieves metadata, call summaries, and participant details. Compares Calls Against Notion Database Checks whether the call has already been processed and stored in Notion. Prevents duplicate entries from being added. Creates a Parent Notion Record for AI Processing Stores call details such as date, title, URL, company name, sales rep, and opportunity details in Notion. Links calls to Salesforce Opportunity (SF Opp) data. Assigns sales representatives and customer information to each call. Loops Through Calls for Processing Ensures resilience by allowing failed runs to restart where they left off. Processes calls one at a time to prevent Notion rate limits. Sends Call Data to an AI Processor Extracts structured call details and sends them to an AI-powered analysis workflow. Allows multiple AI agents to process and extract structured data from calls. Provides Real-Time Slack Alerts Posts a progress update in Slack when the queue starts processing. Sends real-time call progress notifications. Sends a completion alert once all calls are processed. How to Set Up This Workflow Connect Your APIs 🔹 Gong API Credentials – Ensure you have valid Gong API credentials in n8n. 🔹 Notion Database – Provide access to a Notion database for storing call insights. 🔹 Slack Integration – Configure a Slack channel for progress alerts. 🔹 AI Processing Workflow – Connect an AI-powered call processing workflow for final analysis. CallForge - 01 - Filter Gong Calls Synced to Salesforce by Opportunity Stage CallForge - 02 - Prep Gong Calls with Sheets & Notion for AI Summarization CallForge - 03 - Gong Transcript Processor and Salesforce Enricher CallForge - 04 - AI Workflow for Gong.io Sales Calls CallForge - 05 - Gong.io Call Analysis with Azure AI & CRM Sync CallForge - 06 - Automate Sales Insights with Gong.io, Notion & AI CallForge - 07 - AI Marketing Data Processing with Gong & Notion CallForge - 08 - AI Product Insights from Sales Calls with Notion How to Customize This Workflow 💡 Modify Call Storage – Swap Notion for a different CRM or database (e.g., HubSpot, Airtable, Salesforce). 💡 Change AI Processing – Integrate a custom AI model for analyzing sales conversations. 💡 Customize Slack Notifications – Adjust Slack messages or send alerts via email instead. 💡 Expand with More Integrations – Connect with Salesforce, Pipedrive, or HubSpot for further enrichment. Why Use CallForge? 🚀 Automate Gong call tracking for seamless sales intelligence. 📊 Improve sales operations with structured, AI-powered insights. ⚡ Get real-time updates and keep your team informed instantly. Start optimizing your Gong call processing today!
By Angel Menendez