Local-first Workflow Review IDE for existing workflow artifacts.
OpenWorkflowDoctor reviews workflows. It does not run them.
Current release line: v0.9.1 Security / Dependency / Release Hardening.
It is not a workflow builder, workflow runtime, automatic n8n fixer, or production n8n mutator.
It turns exported n8n JSON, optional read-only n8n imports, Dify DSL YAML, Coze workflow definition JSON, or Custom Graph JSON into a secret-safe WorkflowIR, static risk report, structured patch preview, verifier result, human review checklist, and exportable JSON, Markdown, and HTML review artifacts.
AI can explain and propose structured PatchOperation candidates, but deterministic validation, verifier gates, and human review remain required.
- Reviews exported n8n workflow JSON locally.
- Optionally imports workflows from n8n through read-only workflow API calls.
- Imports Dify DSL YAML as a local diagnosis-only review copy.
- Imports Coze workflow definition JSON as a local diagnosis-only review copy.
- Imports safe declarative Custom Graph JSON as a local diagnosis-only review copy.
- Shows graph structure, static risks, patch previews, verifier gates, and readable review reports.
- Keeps AI suggestions reviewable and bounded by structured validation.
- Never executes workflows, reads credentials, writes back to n8n, Dify, or Coze, activates/deactivates workflows, or exports platform-importable patched workflows.
Docker Compose is the recommended public try-out path:
docker compose upOpen http://localhost:3000.
This starts OpenWorkflowDoctor only. It does not bundle n8n, does not require an AI provider key, and does not require an n8n connection. First-run Demo mode works with bundled sample workflows.
Use Node setup for contribution work:
npm install
npm run dev -w apps/webOpen the URL printed by Next.js.
Recommended demo flow:
- Use first-run Demo mode, load a bundled refund workflow sample, or import
samples/n8n/refund-workflow.json. - Run Doctor with the default reliability review request if the sample was not already diagnosed by onboarding.
- Inspect the workflow graph, static risks, deterministic patch preview, verifier gates, and human review checklist.
- Open Settings and review provider presets, including Verified, Preset, Experimental, and Custom tiers.
- Inspect the AI Patch Proposal boundary: AI can propose structured operations only, and unavailable providers fall back safely.
- Apply the reviewed patch preview locally.
- Export the JSON Review Packet, Markdown Review Report, or static HTML Review Report for human approval.
The exported packet and reports are OpenWorkflowDoctor review artifacts. They are not platform-importable workflow patches and they do not execute any side effects.
For local deployment details, see Local Deployment. For onboarding details, see Onboarding. For troubleshooting, see Troubleshooting. For a tighter walkthrough, see Demo Guide.
- Import exported n8n workflow JSON in the browser.
- Import selected workflows from n8n as local read-only review copies.
- Import Dify DSL
.yml/.yamlfiles as local diagnosis-only review copies. - Import Coze workflow definition
.jsonfiles as local diagnosis-only review copies. - Import Custom Graph
.jsonfiles through the built-in declarative adapter. - Parse workflow JSON into secret-safe
WorkflowIR. - Store multiple workflow reviews in a local IndexedDB workspace.
- Switch active workflows from Workflow Explorer without rerunning Doctor.
- Render a React Flow graph from deterministic workflow analysis.
- Show workflow summary, node risks, static diagnostics, and acceptance recommendation.
- Generate deterministic structured
PatchProposalobjects for supported reliability fixes. - Apply structured
PatchOperationobjects only toWorkflowIRpreview state. - Keep original workflow, patched preview, verifier output, and human review decision separate.
- Export a
DoctorReviewPacketJSON file plus Markdown and static HTML review reports with before/after risk counts, readable patch diff, verifier gates, checklist state, review target fingerprint, source metadata, and human decision. - Support advisory AI explanations with local BYOK provider settings and deterministic fallback.
- Support AI-assisted patch proposals as validated structured
PatchOperationcandidates, with deterministic validation, patch preview, verifier gates, and human review still required. - Store n8n connection metadata locally while keeping n8n API keys session-only by default.
- Provide first-run onboarding, demo mode, in-product troubleshooting, and local reset controls.
- Support
zh-CNanden-USUI copy.
Supported static diagnostics currently include webhook dedupe, HTTP timeout, payment idempotency, missing error branches, incomplete control-flow routes, and missing success audit trails.
OpenWorkflowDoctor is local-first and review-first.
- Imported workflow data stays in the browser workspace.
- Settings, language, theme, and local AI provider settings stay in browser local storage.
- AI API keys are masked in the UI and are not included in
WorkflowIR,DoctorReviewPacket, or exported artifacts. - n8n API keys are stored session-only and are not included in
WorkflowIR,DoctorReviewPacket, Review Packet Artifacts, or Workflow Documents. - Sensitive parameter previews such as API keys, authorization headers, passwords, tokens, and secrets are redacted before they enter WorkflowIR, UI, or review exports.
- Review reports are generated from sanitized Review Packet data and exclude raw source artifacts, raw prompts, raw code, raw SQL, credentials, provider keys, signed URLs, native platform patch output, and secret values.
- n8n read-only import uses only workflow list/get endpoints with
excludePinnedData=true. - Dify DSL import parses local YAML only and never calls Dify APIs, fetches resources, executes workflows, publishes, or writes back.
- Coze definition import parses local JSON only and never calls Coze APIs, fetches resources, executes workflows, publishes, or writes back.
- Custom Graph JSON import is declarative only and never executes JavaScript, mapping rules, remote schemas, or plugins.
- Static diagnostics and deterministic patch generation work without an LLM.
- AI Explainer remains advisory-only.
- AI Patch Proposal can propose validated structured changes, but it cannot apply patches, mutate raw n8n JSON, change verifier status, or change human review.
- Patch generation and verification are separate steps.
- A Builder Agent may propose changes in future versions, but only a Verifier can mark them
pass,hold, orfail. - Human review is recorded separately from verifier output.
Out of scope for the current MVP:
- workflow execution
- credential lookup or credential storage
- production n8n mutation
- raw n8n JSON mutation by an LLM
- automatic write-back to n8n
- platform-importable patched workflow export
| Version | Status | Scope |
|---|---|---|
| v0.1.0 | Frozen | Deterministic Workflow Doctor and Review Packet |
| v0.2.0 | Frozen | Advisory AI Explainer, Settings, i18n, and BYOK AI Provider |
| v0.3.0 | Frozen | Local Workspace and Multiple Workflows |
| v0.3.1 | Frozen | Workbench Refactor |
| v0.3.2 | Frozen | Public GitHub readiness cleanup |
| v0.4.0 | Frozen | Constrained AI Patch Proposal. AI can only output validated structured PatchOperation data. |
| v0.4.2 | Frozen | Real-model happy path and provider compatibility smoke results |
| v0.4.3 | Frozen | Provider Presets and Compatibility Registry |
| v0.4.4 | Frozen | Public demo polish, README demo media, issue templates, and feedback roadmap |
| v0.5.0 | Frozen | Read-only n8n Import. Import only, no execution and no write-back. |
| v0.5.1 | Frozen | Real n8n import polish, CORS/proxy hardening, and manual smoke checklist. |
| v0.5.2 | Frozen | Onboarding, Docker Compose local deployment, demo mode, troubleshooting, and reset polish. |
| v0.6.0 | Frozen | Dify DSL YAML Import. Import only, no Dify API, no execution, no publish, and no write-back. |
| v0.6.1 | Frozen | Dify read-only import feasibility only. No shipped Dify API connection or user-facing import surface. |
| v0.7.0 | Frozen | Coze Workflow Definition JSON Import. Import only, no Coze API, no execution, no resource fetch, no publish, and no write-back. |
| v0.8.0 | Frozen | Adapter SDK / Source Adapter Framework. Static built-in adapters, unified import pipeline, shared guardrails, conformance kit, and Custom Graph JSON. |
| v0.9.0 | Frozen | Review Packet Export Polish. Canonical JSON packet preserved, Markdown and static HTML review reports added, readable report preview, stale warnings, and secret-safe export tests. |
| v0.9.1 | Freeze audit | Security, dependency, CI/release, Docker/env, and docs hardening before v1.0. No product features added. |
The current product definition through v0.9.1:
OpenWorkflowDoctor is a local-first Workflow Review IDE. It supports importing multiple workflows from n8n JSON, optional read-only n8n workflow reads, Dify DSL YAML, Coze definition JSON, or Custom Graph JSON, running static diagnostics, previewing WorkflowIR patches, reviewing verifier output, recording human review, exporting JSON/Markdown/HTML review artifacts, generating advisory AI explanations, and requesting constrained AI PatchOperation proposals through configurable BYOK providers. AI never participates in final acceptance.
The product follows this flow:
n8n JSON / n8n read-only / Dify DSL / Coze definition JSON / Custom Graph JSON
-> secret-safe WorkflowIR
-> graph view model + summary + diagnostics
-> structured patch proposal + readable diff
-> human-reviewed patched preview
-> verifier report
-> JSON/Markdown/HTML review export + acceptance checklist
-> human accept / hold / reject
For report export details, see Review Report Export. For adapter framework details, see Adapter SDK, Custom Graph JSON Import, and Source Adapter Conformance. For read-only n8n import details, see v0.5 Read-only n8n Import. For Dify YAML import details, see v0.6 Dify DSL Import. For Coze JSON import details, see v0.7 Coze Workflow Definition Import. For deferred Dify read-only import analysis, see v0.6.1 Dify Read-only Import Feasibility. For real-instance validation, see Real n8n Import Smoke Test.
Core rules:
- Always parse imported workflow JSON into WorkflowIR first.
- Never let an LLM directly mutate raw n8n JSON.
- Represent all patch proposals as structured PatchOperation objects.
- Validate LLM output with Zod before it can enter the patch pipeline.
- Unknown node types must not crash the system.
- Rule-based diagnostics must work without LLM.
- External credentials must never be read or stored.
packages/workflow-ir: deterministic WorkflowIR, diagnostics, patch proposal, verification, and review packet logic.packages/workflow-ai: advisory AI explanation, constrained AI patch proposal, provider registry, and provider helper contracts.apps/web: local browser workbench.samples/n8n: demo exported workflow JSON.samples/dify: demo Dify DSL YAML.samples/coze: demo Coze workflow definition JSON.samples/custom-graph: demo Custom Graph JSON.
Install dependencies:
npm installRun the workbench:
npx next dev apps/web -p 3001Run checks:
npm test
npm run lint
npm run typecheck
npm run build
npm run test:e2eRun dependency audit:
npm audit- CHANGELOG.md
- SECURITY.md
- ROADMAP.md
- GitHub release notes
- Review Report Export
- Demo Guide
- Feedback Guide
- Provider presets and compatibility
- Read-only n8n import
- Dify DSL import
- Coze workflow definition import
- Dify read-only import feasibility
- Real n8n Import Smoke Test
- Manual AI Patch Proposal smoke test
- Real-model smoke results v0.4.2
- Public GitHub audit notes v0.3.1

