This article provides a complete, practical walkthrough of the Code Converttofile Create Webhook n8n agent. It connects HTTP Request, Webhook across approximately 1 node(s). Expect a Intermediate setup in 15-45 minutes. One‑time purchase: €29.

What This Agent Does

This agent orchestrates a reliable automation between HTTP Request, Webhook, handling triggers, data enrichment, and delivery with guardrails for errors and rate limits.

It streamlines multi‑step processes that would otherwise require manual exports, spreadsheet cleanup, and repeated API requests. By centralizing logic in n8n, it reduces context switching, lowers error rates, and ensures consistent results across teams.

Typical outcomes include faster lead handoffs, automated notifications, accurate data synchronization, and better visibility via execution logs and optional Slack/Email alerts.

How It Works

The workflow uses standard n8n building blocks like Webhook or Schedule triggers, HTTP Request for API calls, and control nodes (IF, Merge, Set) to validate inputs, branch on conditions, and format outputs. Retries and timeouts improve resilience, while credentials keep secrets safe.

Third‑Party Integrations

• HTTP Request
• Webhook

Import and Use in n8n

1. Open n8n and create a new workflow or collection.
2. Choose Import from File or Paste JSON.
3. Paste the JSON below, then click Import.
4. Show n8n JSON

   Title:  
   AI-Powered Email Phishing Detection and Ticketing Automation Using n8n, ChatGPT, and Jira
   
   Meta Description:  
   Discover how an advanced n8n workflow integrates Gmail, Microsoft Outlook, hcti.io, OpenAI's ChatGPT, and Jira to automatically detect phishing emails and streamline security reporting with actionable Jira tickets.
   
   Keywords:  
   n8n, phishing detection, email security, ChatGPT, OpenAI GPT-4, GPT-4o, Jira automation, Gmail, Microsoft Outlook, hcti.io, email header analysis, automated ticketing, AI email analysis, workflow automation, SOC automation, cybersecurity workflow
   
   Third-Party APIs Used:
   
   1. Gmail API – Used via the Gmail Trigger node to monitor incoming emails from Gmail accounts in real-time.
   2. Microsoft Outlook / Microsoft Graph API – Used to poll inboxes for new emails, retrieve metadata and headers, and analyze message contents.
   3. hcti.io (HTML/CSS to Image API) – Converts email HTML bodies into screenshots for visual documentation of email layouts.
   4. OpenAI's ChatGPT API (GPT-4o model) – Conducts AI-driven phishing and threat analysis based on email content and headers.
   5. Jira Cloud API – Automatically creates and updates Jira tickets with email content, threat assessments, and attachments like email screenshots and text bodies.
   
   Full Article:  
   
   Automating Email Phishing Detection and Reporting with n8n and ChatGPT  
   
   Email security remains one of the most critical domains in enterprise cybersecurity. With the growing sophistication of phishing techniques, manual analysis and reporting can no longer keep pace. Leveraging automation and artificial intelligence (AI) is crucial—and that's exactly what this comprehensive n8n workflow achieves.
   
   This intelligent automation sequence combines n8n's powerful orchestration engine with tools like Gmail, Microsoft Outlook, OpenAI's ChatGPT, and Jira to analyze incoming emails, determine their threat level, and log tickets for easy SOC triage. Here’s an inside look at how each building block works together to protect your inbox.
   
   Step 1: Capturing Emails from Gmail and Outlook  
   The workflow begins with email monitoring. A Gmail Trigger node checks every minute for incoming messages. It captures key elements such as the subject line, body, recipient, headers, and more. Alternatively, the Microsoft Outlook Trigger node (currently disabled but pre-integrated) supports similar functionality using Microsoft Graph API.
   
   Step 2: Extracting and Structuring Email Data  
   Once an email is captured, n8n uses Set nodes to structure important fields like HTML body, plain text content, recipient, subject, and message headers. For Outlook messages, an additional step is included to fetch and neatly format the email headers, involving a custom JavaScript function to consolidate multiple values and ensure JSON compatibility.
   
   Step 3: Visual Email Representation with hcti.io  
   Often, how an email visually appears can offer clues about its legitimacy. Through a strategic integration with hcti.io, the workflow sends the HTML content to be rendered as an image. The resulting screenshot is retrieved and stored for attachment in later steps, bringing valuable visual context to the phishing analysis.
   
   Step 4: Converting Email Body to Text  
   The workflow simultaneously converts the email’s plain text content into a `.txt` file using n8n’s Convert to File node. This ensures that both a visual and textual representation of the email is available for documentation and auditing.
   
   Step 5: AI Threat Analysis Using ChatGPT  
   The heart of this workflow lies in AI-powered email analysis. The cleaned HTML body and formatted headers are passed to OpenAI's ChatGPT using the GPT-4o model. ChatGPT returns a structured JSON output that indicates whether the email is malicious and provides a highly verbose, human-readable summary. The response is formatted in Jira wiki syntax for immediate use in tickets.
   
   Step 6: Conditional Workflow Control  
   Next, a decision is made based on the AI’s output. The “Check if Malicious” node reads the Boolean value assigned to the “malicious” field by ChatGPT. This dictates the downstream path—whether to treat the email as a phishing threat or a benign message falsely reported.
   
   Step 7: Automating Jira Ticket Creation  
   Depending on the threat detection result, the workflow generates a Jira ticket in a project named “Support.”  
   - For malicious emails, a “Potentially Malicious” task is created.  
   - For false positives or non-malicious emails, a “Potentially Benign” task is logged.
   
   Each ticket includes the reporter’s email, subject line, and ChatGPT analysis. The issue key is captured for future reference.
   
   Step 8: Attaching Screenshot and Email Body  
   To enrich the ticket, the email screenshot (`.png`) and the `.txt` file are renamed for consistency and uploaded to the associated Jira issue. This ensures that security analysts reviewing the ticket have all relevant artifacts to make informed decisions quickly and accurately.
   
   Why This Workflow Matters  
   This n8n workflow is not just about automation—it’s about augmenting human capabilities with AI, reducing incident response times, and maintaining high standards of documentation and transparency in email threat intelligence. By combining real-time inbox monitoring, screenshot and text archiving, AI analysis, and Jira integration, the solution offers a full-circle response mechanism to modern phishing threats.
   
   Final Thoughts  
   With email still being a primary attack vector in cybersecurity breaches, adopting intelligent workflows like this one ensures that defense mechanisms are as dynamic as the threats they face. Whether you're a security engineer, a DevOps professional, or an IT administrator, integrating solutions such as n8n, ChatGPT, and Jira into your phishing detection toolkit is no longer optional—it’s essential.
   
   Let automation do the heavy lifting so your team can focus on what matters most: staying ahead of threats.

5. Set credentials for each API node (keys, OAuth) in Credentials.
6. Run a test via Execute Workflow. Inspect Run Data, then adjust parameters.
7. Enable the workflow to run on schedule, webhook, or triggers as configured.

Tips: keep secrets in credentials, add retries and timeouts on HTTP nodes, implement error notifications, and paginate large API fetches.

Validation: use IF/Code nodes to sanitize inputs and guard against empty payloads.

Why Automate This with AI Agents

AI‑assisted automations offload repetitive, error‑prone tasks to a predictable workflow. Instead of manual copy‑paste and ad‑hoc scripts, your team gets a governed pipeline with versioned state, auditability, and observable runs.

n8n’s node graph makes data flow transparent while AI‑powered enrichment (classification, extraction, summarization) boosts throughput and consistency. Teams reclaim time, reduce operational costs, and standardize best practices without sacrificing flexibility.

Compared to one‑off integrations, an AI agent is easier to extend: swap APIs, add filters, or bolt on notifications without rewriting everything. You get reliability, control, and a faster path from idea to production.

Best Practices

• Credentials: restrict scopes and rotate tokens regularly.
• Resilience: configure retries, timeouts, and backoff for API nodes.
• Data Quality: validate inputs; normalize fields early to reduce downstream branching.
• Performance: batch records and paginate for large datasets.
• Observability: add failure alerts (Email/Slack) and persistent logs for auditing.
• Security: avoid sensitive data in logs; use environment variables and n8n credentials.

FAQs

Can I swap integrations later? Yes. Replace or add nodes and re‑map fields without rebuilding the whole flow.

How do I monitor failures? Use Execution logs and add notifications on the Error Trigger path.

Does it scale? Use queues, batching, and sub‑workflows to split responsibilities and control load.

Is my data safe? Keep secrets in Credentials, restrict token scopes, and review access logs.