7 points by redfr0g 6 hours ago | 2 comments
  • redfr0g 6 hours ago
    How Striga uncovered a critical sandbox escape and unsanitized node name injection in n8n's expression engine, chaining them into full Remote Code Execution.
  • hackerman70000 5 hours ago
    This is why AST-based sandboxing in JavaScript is fundamentally fragile: every new syntax feature is a potential gap.