How Striga uncovered a critical sandbox escape and unsanitized node name injection in n8n's expression engine, chaining them into full Remote Code Execution.
I think "as long as it was not a terminating action" is crucial here. The way how Cloudflare dashboard is designed right now may put you in false sense of security by implying that all rules will be evaluated one after another. In my opinion, they could do a better job UI-wise on highlighting, that a terminating action will result in skipping all subsequent rules.