⚙Tool
Function
Execute custom JavaScript code in a secure sandboxed environment within your workflow
The Function block lets you run arbitrary JavaScript logic inside a secure, isolated sandbox at any point in your workflow. Use it to transform data, implement custom business rules, call external APIs, or bridge between blocks when no built-in tool covers your exact requirement.
Overview
| Property | Value |
|---|---|
| Type | function |
| Category | Tool — Developer |
| Auth | None (the sandbox has no credentials; pass secrets via envVars) |
Operations
| Operation | Tool ID | Description |
|---|---|---|
| Function Execute | function_execute | Execute a JavaScript function body in a sandboxed Node.js environment with configurable timeout and environment variable injection |
Configuration
| Setting | Type | Required | Description |
|---|---|---|---|
code | string | Yes | The JavaScript function body to execute. The code runs inside an async function(params, environmentVariables) { ... } context. Reference upstream block outputs and env vars using {{...}} placeholders (e.g. {{starter.value}}, {{MY_API_KEY}}). |
timeout | number | No | Maximum execution time in milliseconds before the sandbox forcibly terminates. Defaults to 10000 (10 seconds). |
envVars | object | No | Key/value map of environment variable names and their values to expose inside the function. Access them in code as {{ENV_VAR_NAME}}. |
blockData | object | No | Resolved output data from upstream blocks — injected automatically by the executor for {{blockName.field}} resolution. You do not set this manually. |
blockNameMapping | object | No | Maps human-readable block names to internal block IDs — injected automatically by the executor. You do not set this manually. |
Outputs
| Field | Type | Description |
|---|---|---|
result | json | The value returned by the last return statement in your function body. Can be any JSON-serializable value: string, number, object, or array. |
stdout | string | Captured output from all console.log() (and related) calls made during execution. Useful for debugging. |
Example
[Starter] → [Function: transform data] → [Agent: summarize result]Suppose the Starter receives a raw JSON payload from a webhook. Add a Function block with code that parses, filters, and reshapes the payload:
const records = {{starter.records}};
const apiKey = {{INTERNAL_API_KEY}};
const filtered = records.filter(r => r.status === 'active');
const response = await fetch('https://internal.example.com/enrich', {
method: 'POST',
headers: { 'Authorization': `Bearer ${apiKey}`, 'Content-Type': 'application/json' },
body: JSON.stringify({ items: filtered }),
});
if (!response.ok) throw new Error(`Enrich failed: ${response.status}`);
return await response.json();The downstream Agent block then receives {{function.result}} — the enriched array — and can summarize or act on it without needing to know about the transformation details.
Tips
- Return a value explicitly. The
resultoutput is whatever yourreturnstatement produces. If you forgetreturn,resultwill beundefined. - Use
console.logfor debugging. Everything written to stdout is captured in thestdoutoutput so you can inspect intermediate values without failing the workflow. - Inject secrets via
envVars, not hardcoded strings. Map workspace environment variables to theenvVarsparam (e.g.{ "MY_KEY": "{{MY_API_KEY}}" }) and reference them in code as{{MY_KEY}}. This keeps secrets out of the code editor. - Respect the timeout. Long-running or recursive operations that exceed the timeout (default 10 s) will be killed and the block will error. Increase
timeoutfor operations that legitimately take longer, but prefer delegating heavy I/O to dedicated tool blocks. - Standard Node.js built-ins are available (e.g.
crypto,Buffer,URL). Externalnpmpackages are not importable — implement the logic inline or usefetchfor remote resources.