AutomationFlowsAI & RAG › Vendor Risk Assessment with Verifiable Decision Receipts

Vendor Risk Assessment with Verifiable Decision Receipts

Vendor Risk Assessment with Verifiable Decision Receipts. Uses openAi, n8n-nodes-signatrust, googleSheets. Webhook trigger; 5 nodes.

Webhook trigger★★☆☆☆ complexityAI-powered5 nodesOpenAIN8N Nodes SignatrustGoogle Sheets
AI & RAG Trigger: Webhook Nodes: 5 Complexity: ★★☆☆☆ AI nodes: yes Added:

This workflow follows the Google Sheets → OpenAI recipe pattern — see all workflows that pair these two integrations.

The workflow JSON

Copy or download the full n8n JSON below. Paste it into a new n8n workflow, add your credentials, activate. Full import guide →

Download .json
{
  "name": "Vendor Risk Assessment with Verifiable Decision Receipts",
  "nodes": [
    {
      "parameters": {
        "httpMethod": "POST",
        "path": "vendor-risk",
        "options": {},
        "responseMode": "responseNode"
      },
      "id": "e69ecd78-1c6d-4e51-b970-e0dabdb61a07",
      "name": "Vendor Risk Assessment",
      "type": "n8n-nodes-base.webhook",
      "typeVersion": 2.1,
      "position": [
        0,
        300
      ]
    },
    {
      "parameters": {
        "modelId": {
          "__rl": true,
          "mode": "list",
          "value": "gpt-4o",
          "cachedResultName": "GPT-4O"
        },
        "messages": {
          "values": [
            {
              "role": "system",
              "content": "=You are a third-party risk AI. Return JSON: {\"tier\":\"LOW|MEDIUM|HIGH\",\"decision\":\"APPROVE|REJECT\",\"reason\":\"...\"}."
            },
            {
              "content": "=Return JSON only.\n\nInput:\n{{ JSON.stringify($json.body) }}"
            }
          ]
        },
        "jsonOutput": true,
        "options": {}
      },
      "id": "43b367b6-4207-46d4-ada4-68655def4c22",
      "name": "AI Decision",
      "type": "@n8n/n8n-nodes-langchain.openAi",
      "typeVersion": 2.1,
      "position": [
        220,
        300
      ],
      "credentials": {
        "openAiApi": {
          "name": "<your credential>"
        }
      }
    },
    {
      "parameters": {
        "operation": "generateReceipt",
        "agentName": "VendorRiskAgent",
        "workflowName": "={{ $workflow.name }}",
        "action": "={{ 'AI decision: ' + ($json.message.content.decision || $json.message.content.recommendation || 'completed') }}",
        "decision": "={{ JSON.stringify($json.message.content) }}",
        "additionalFields": {
          "modelProvider": "openai",
          "modelUsed": "gpt-4o",
          "decisionType": "vendor_risk",
          "riskLevel": "high",
          "humanReview": false,
          "policies": "tprm-v2, soc2",
          "permissions": "vendor.assess",
          "tags": "grc, vendor, security"
        }
      },
      "id": "b67d8613-4a7b-435e-925a-deaa11e960ac",
      "name": "Signatrust: Receipt",
      "type": "n8n-nodes-signatrust.signatrust",
      "typeVersion": 1,
      "position": [
        440,
        300
      ],
      "credentials": {
        "signatrustApi": {
          "name": "<your credential>"
        }
      }
    },
    {
      "parameters": {
        "operation": "append",
        "documentId": {
          "__rl": true,
          "mode": "id",
          "value": "REPLACE_SHEET_ID"
        },
        "sheetName": {
          "__rl": true,
          "mode": "list",
          "value": "Sheet1",
          "cachedResultName": "Sheet1"
        },
        "columns": {
          "mappingMode": "autoMapInputData",
          "value": {},
          "matchingColumns": []
        },
        "options": {}
      },
      "id": "ad0ae687-9ad3-41c9-9e07-22b9f913c1a3",
      "name": "Log to Sheet",
      "type": "n8n-nodes-base.googleSheets",
      "typeVersion": 4.5,
      "position": [
        660,
        300
      ],
      "credentials": {
        "googleSheetsOAuth2Api": {
          "name": "<your credential>"
        }
      }
    },
    {
      "parameters": {
        "content": "## Vendor Risk Assessment with Verifiable Decision Receipts\n**Why Signatrust?** Every AI decision here becomes a tamper-evident, Ed25519-signed receipt \u2014 verifiable for audits and disputes.",
        "height": 170,
        "width": 420,
        "color": 5
      },
      "id": "6d438858-e7ae-4c10-8e9f-6066d05eb92b",
      "name": "Sticky Note 67afed",
      "type": "n8n-nodes-base.stickyNote",
      "typeVersion": 1,
      "position": [
        -40,
        40
      ]
    }
  ],
  "connections": {
    "Vendor Risk Assessment": {
      "main": [
        [
          {
            "node": "AI Decision",
            "type": "main",
            "index": 0
          }
        ]
      ]
    },
    "AI Decision": {
      "main": [
        [
          {
            "node": "Signatrust: Receipt",
            "type": "main",
            "index": 0
          }
        ]
      ]
    },
    "Signatrust: Receipt": {
      "main": [
        [
          {
            "node": "Log to Sheet",
            "type": "main",
            "index": 0
          }
        ]
      ]
    }
  },
  "active": false,
  "settings": {
    "executionOrder": "v1"
  },
  "tags": [
    {
      "name": "Vendor Risk Assessment \u2014 grc"
    },
    {
      "name": "Vendor Risk Assessment \u2014 vendor"
    },
    {
      "name": "Vendor Risk Assessment \u2014 security"
    },
    {
      "name": "Signatrust (20)"
    }
  ],
  "meta": {
    "templateCredsSetupCompleted": false
  },
  "versionId": "42e41a5a-d284-41ab-8778-c326706b955a"
}

Credentials you'll need

Each integration node will prompt for credentials when you import. We strip credential IDs before publishing — you'll add your own.

Pro

For the full experience including quality scoring and batch install features for each workflow upgrade to Pro

About this workflow

Vendor Risk Assessment with Verifiable Decision Receipts. Uses openAi, n8n-nodes-signatrust, googleSheets. Webhook trigger; 5 nodes.

Source: https://github.com/abokenan444/n8n-signatrust-workflows/blob/main/workflows/20-vendor-risk-assessment.json — original creator credit. Request a take-down →

More AI & RAG workflows → · Browse all categories →

Related workflows

Workflows that share integrations, category, or trigger type with this one. All free to copy and import.

AI & RAG

Insurance Claim Assessment with Verifiable Decision Receipts. Uses openAi, n8n-nodes-signatrust, googleSheets. Webhook trigger; 5 nodes.

OpenAI, N8N Nodes Signatrust, Google Sheets
AI & RAG

Support Ticket Prioritization with Verifiable Decision Receipts. Uses openAi, n8n-nodes-signatrust, googleSheets. Webhook trigger; 5 nodes.

OpenAI, N8N Nodes Signatrust, Google Sheets
AI & RAG

Candidate Ranking with Verifiable Decision Receipts. Uses openAi, n8n-nodes-signatrust, googleSheets. Webhook trigger; 5 nodes.

OpenAI, N8N Nodes Signatrust, Google Sheets
AI & RAG

Digital B - Lead Automation System (Google Sheets). Uses openAi, googleSheets, gmail, slack. Webhook trigger; 9 nodes.

OpenAI, Google Sheets, Gmail +2
AI & RAG

HR Resume Screening with Verifiable Decision Receipts. Uses openAi, n8n-nodes-signatrust, gmail. Webhook trigger; 5 nodes.

OpenAI, N8N Nodes Signatrust, Gmail