New Features
Script Workflow Node
A new script node type for workflows that executes JavaScript code in a secure sandboxed environment. Useful for string manipulation, data transformation, calculations, and encoding/decoding that the set node cannot handle.
Properties:
- code (required): JavaScript code with {{variable}} support
- saveTo (optional): Variable to store the result
- timeout (optional): Execution timeout in ms (default: 10000)
Example:
- id: sort-items
type: script
code: |
var items = '{{rawList}}'.split(',').map(function(s){ return s.trim(); });
items.sort();
return items.join('\n');
saveTo: sortedList
execute_javascript Tool for Chat & Command Nodes
Gemini can now autonomously execute JavaScript code during chat conversations and workflow command nodes. The AI can use this tool for data transformation, calculations, encoding/decoding, and other programmatic operations without requiring a dedicated script node.
Security
All JavaScript execution runs in a sandboxed iframe with:
- sandbox="allow-scripts" (no same-origin access)
- CSP default-src 'none' — blocks fetch, XHR, WebSocket, and all external resources
- Configurable timeout to prevent infinite loops
- No access to parent DOM, cookies, localStorage, or IndexedDB