I built a modular n8n workflow that uses an LLM as its “decision engine” to enumerate, triage, and exploit an HTB “Editor” box end-to-end — from a single input to flag extraction. In my write-up, I walk through challenges like ephemeral shells, hallucinated commands, orchestration pitfalls, and verification logic.