Safescript: A Purpose-Built Language for Secure AI Agent Code Execution
Key Takeaways
- Safescript eliminates expensive VM/container overhead by making the language itself the sandbox—programs run directly in the application process with no spin-up delay or orchestration complexity
- Non-Turing-complete design guarantees program termination and prevents infinite loops, resource exhaustion, and system hangs
- Static data-flow signatures reveal all API contacts and credential flows before execution, making supply chain attacks structurally impossible
Summary
Safescript is a new open-source programming language designed specifically to allow AI agents to safely execute code without the overhead of containers or virtual machines. Unlike traditional programming languages, Safescript is intentionally non-Turing-complete—it forbids loops, recursion, and dynamic operations like eval or shell execution, guaranteeing that every program provably terminates and cannot hang systems. Programs compile to static directed acyclic graphs (DAGs) with formal data-flow tracking, allowing developers to inspect exactly what a program will do before execution.
The language addresses a critical scaling problem in AI agent deployment: current approaches either give agents access to general-purpose languages (creating massive security risks) or restrict them to hardcoded tools (limiting scalability). Existing solutions rely on expensive sandboxing infrastructure—Docker containers, microVMs, Firecracker, E2B—that introduce cold-start latency and orchestration complexity for each agent execution. Safescript eliminates this entirely by making the language itself the sandbox; since the instruction set contains no dangerous operations, code can run directly in the application process.
The project includes a CLI for macOS and Ubuntu installation plus library support for Deno and npm. A key innovation is the static program signature feature, which reveals exactly which external APIs the code will contact and how data flows between them. This structural design makes supply chain attacks (like a malicious dependency update exfiltrating credentials) impossible to execute without detection.
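To show what a static program signature buys a reviewer, here is an added JavaScript example (not Safescript's own code or program format) that derives a host-to-secrets signature from a DAG and checks it against an allow-list before anything runs. The node shape, op names, host names and policy format are all assumptions made for illustration.

```javascript
// Hypothetical node model (an assumption, not Safescript's real format):
// every node has an op, the ids of its inputs, and op-specific fields.
const program = { // constructed sample
  key:   { op: "secret", name: "STRIPE_KEY", inputs: [] },
  order: { op: "param", name: "orderId", inputs: [] },
  body:  { op: "concat", inputs: ["order"] },
  pay:   { op: "http", host: "api.stripe.example", inputs: ["key", "body"] },
  log:   { op: "http", host: "metrics.example", inputs: ["order"] },
};
// Returns { host: [sorted names of secrets that can reach it] }.
// Throws on a cycle or dangling input, so only a true DAG gets a signature.
function signature(prog) {
  const ids = Object.keys(prog);
  const indeg = {}, users = {}, taint = {};
  for (const id of ids) { indeg[id] = 0; users[id] = []; taint[id] = new Set(); }
  for (const id of ids) {
    for (const src of prog[id].inputs) {
      if (!ids.includes(src)) throw new Error(`unknown input ${src}`);
      indeg[id]++; users[src].push(id);
    }
  }
  const sig = Object.create(null);
  const ready = ids.filter((id) => indeg[id] === 0);
  let visited = 0;
  while (ready.length > 0) { // Kahn's algorithm: visit in topological order
    const id = ready.shift(), node = prog[id];
    visited++;
    if (node.op === "secret") taint[id].add(node.name);
    if (node.op === "http") {
      sig[node.host] = [...new Set([...(sig[node.host] || []), ...taint[id]])].sort();
    }
    for (const next of users[id]) {
      // Conservative rule: every output carries all taint of its inputs.
      taint[id].forEach((s) => taint[next].add(s));
      if (--indeg[next] === 0) ready.push(next);
    }
  }
  if (visited !== ids.length) throw new Error("cycle detected: not a DAG");
  return sig;
}
// Checks a signature against an allow-list { host: [secrets it may receive] }.
function violations(sig, policy) {
  const out = [];
  for (const [host, secrets] of Object.entries(sig)) {
    const allowed = policy[host];
    if (!Array.isArray(allowed)) { out.push(`unapproved host ${host}`); continue; }
    for (const s of secrets) if (!allowed.includes(s)) out.push(`${s} -> ${host}`);
  }
  return out;
}
```

Because the graph is acyclic and has no dynamic operations, the signature is computed once from the program text, and any later change that adds a host or reroutes a secret shows up as a diff in `violations`.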
- Trades general-purpose expressiveness for safety and efficiency—a deliberate tradeoff that works well for bounded AI agent tasks
- Available as open-source with CLI and library support for multiple runtimes (Deno, npm)



