Skip to main content
AgentScript is a safe subset of JavaScript designed for AI-generated orchestration code. It provides the expressiveness needed for tool orchestration while blocking dangerous constructs that could compromise security.

Design Philosophy

AgentScript is designed with these principles:
  1. Whitelist over blacklist - Only allowed constructs are permitted
  2. No user-defined functions - Prevents recursion and complexity
  3. Bounded iteration - All loops have limits
  4. Explicit tool calls - External interactions through callTool()
  5. Static targets - Tool names must be string literals

What’s Allowed

Variables

Tool Calls

Conditionals

Bounded Loops

Array Methods with Arrow Functions

Safe Globals

Return Values

What’s Blocked

Dynamic Code Execution

System Access

Global Objects

Prototype Manipulation

Metaprogramming

User-Defined Functions

Unbounded Loops

Network and Storage

Native Code

Configuration

The AgentScript preset is configurable:

Code Transformation

AgentScript code is transformed before execution:

AgentScript for LLMs

When prompting an LLM to generate AgentScript, include this context: