A chatflow is a reusable workflow artifact in Flowise that defines how an AI application behaves. It can describe nodes, prompts, tool usage, routing logic, and other configuration needed to build a conversational automation. In practice, a chatflow is similar to a portable workflow file: it is meant to be shared, imported, and reused.
In cybersecurity, chatflows matter because they turn data into behavior. If an attacker can modify or disguise a chatflow, the import process may expose trusted systems to unsafe actions, including malicious tool calls or server-side execution paths. Defenders should treat imported chatflows as untrusted input, restrict who can create or upload them, review workflow contents before activation, and use integrity checks or version control where possible. Because these files can change application logic, they belong on the attack surface just like plugins or code extensions.



