Platform Comparison
Feature Matrix
| Feature | n8n | Flowise | Langflow | Dify |
|---|---|---|---|---|
| Auto risk scoring | Yes | Yes | Yes | Yes |
| Manual risk override | Yes | Yes | Yes | Yes |
| Risk hints (JSON) | Yes | Yes | Yes (advanced) | Via credentials |
| Denial handling | Error or Passthrough | JSON status string | Data object | JSON message (generator) |
| Credentials support | attestaApi credential | — | — | Provider credential (risk_threshold) |
| Audit trail | Yes | Yes | Yes | Yes |
| Batch processing | Yes (per item) | Single invocation | Single invocation | Single invocation |
| LLM-driven invocation | No (data pipeline) | Yes (agent calls tool) | No (component output) | Yes (LLM form parameters) |
How No-Code Differs from Code Integrations
The code-based integrations wrap individual tool functions or intercept framework-specific hook points (e.g., LangChain toolfunc, OpenAI approval_handler). No-code integrations take a different approach:
- Visual placement — You drag the Attesta component onto a canvas and connect it to other nodes. No Python or TypeScript required.
- Data-driven context — Instead of wrapping a function, the component receives input data (JSON items, tool arguments, or form parameters) and builds an
ActionContextfrom that data plus the configured function name. - Platform-native output — Each component returns results in the format native to its platform: n8n adds
_attestametadata to output items, Flowise returns a JSON string the agent can parse, Langflow emits aDataobject, and Dify yields aToolInvokeMessage.
Attesta.evaluate() pipeline described in How It Works. The risk scoring, challenge selection, verification, and audit logging are identical.
All no-code components use the
@kyberon/attesta TypeScript package or the attesta Python package under the hood. They provide the same risk scoring, challenge types, and audit capabilities as the code-based integrations.How It Works
Every no-code component follows the same four-step pattern:Configure the Gate
Set the Function Name (the action being gated), the Risk Level (auto or manual override), and any Risk Hints (JSON key-value pairs that influence scoring).
Connect to Your Workflow
Place the Attesta component before the action node in your workflow. Data flows through the gate before reaching the action.
Evaluate at Runtime
When the workflow runs, the gate component creates an
ActionContext, evaluates it through the Attesta pipeline (risk scoring, challenge selection, verification), and either passes data through (approved) or stops the flow (denied).Common Configuration
Every component accepts these core parameters (the exact input names vary slightly by platform):| Parameter | Type | Description |
|---|---|---|
| Function Name | String | Name of the action being gated (e.g., send_email, delete_record). This is the primary input to the risk scorer. |
| Risk Level | Select | Override the automatic risk score. Options: Auto, Low, Medium, High, Critical. |
| Risk Hints / Action Arguments | JSON | Additional context for the risk scorer (e.g., {"destructive": true, "pii": true}). |
Getting Started
n8n
Workflow node with error/passthrough denial modes and batch processing
Flowise
LangChain DynamicTool component for agent chatflows
Langflow
Python component with structured Data output
Dify
Plugin with provider credentials and LLM-driven parameters