Security measures

Extension Kit implements security measures to protect flows from malicious code execution.

Run code action security

The Run code action has the following security restrictions:

1. Run code action file restrictions

The Run Code action does not allow files of any kind to be opened or executed within the action. This prevents:

• Direct file system access
• Execution of binary files
• Loading of external scripts or libraries

2. Secure file content retrieval

File content must be received using SFTP actions. This ensures that file operations are authenticated, encrypted, and auditable.

3. Automated content scanning

All file content processed within flows is automatically scanned for potentially dangerous patterns.

4. Execution feedback

If a restricted pattern is detected during security checks, the action fails before the script executes and returns an error.

Note: See Run Code action and Service Limits - Run Code action for more details.