'%3e%3cpath%20d='M192%200H64C28.6538%200%200%2028.6538%200%2064V192C0%20227.346%2028.6538%20256%2064%20256H192C227.346%20256%20256%20227.346%20256%20192V64C256%2028.6538%20227.346%200%20192%200Z'%20fill='%231E2128'/%3e%3cpath%20d='M144%2032H64C46.3269%2032%2032%2046.3269%2032%2064V144C32%20161.673%2046.3269%20176%2064%20176H144C161.673%20176%20176%20161.673%20176%20144V64C176%2046.3269%20161.673%2032%20144%2032Z'%20fill='white'/%3e%3cpath%20d='M144%2096H112C103.163%2096%2096%20103.163%2096%20112V144C96%20152.837%20103.163%20160%20112%20160H144C152.837%20160%20160%20152.837%20160%20144V112C160%20103.163%20152.837%2096%20144%2096Z'%20fill='%231E2128'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_2_4976'%3e%3crect%20width='256'%20height='256'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
Script.it is built with security as a default, not an afterthought. Your data is encrypted wherever it travels or rests, scripts execute inside isolated environments that can’t reach your other sessions, and the infrastructure is designed to stay available even when individual components fail. This page describes the specific protections in place.Documentation Index
Fetch the complete documentation index at: https://docs.script.it/llms.txt
Use this file to discover all available pages before exploring further.
Data encryption
In transit
All communication between your browser and Script.it is encrypted using HTTPS with TLS 1.2 or higher. This applies to every request — API calls, file uploads, webhook payloads, and everything in between.At rest
Data stored in your workspace is encrypted at rest. This includes your scripts, session files, and any credentials you’ve connected through integrations.Credential security
When you connect an integration — Slack, Gmail, Google Sheets, or any other service — Script.it stores the access credentials in encrypted form. Your credentials are never exposed in plain text, and they’re never included in script source files or chat history. To revoke access for an integration at any time:- Go to Settings → Integrations.
- Find the integration you want to disconnect.
- Click Disconnect.
Isolated run environments
Every session runs in its own isolated environment. When a script executes, it cannot access the files or running state of any other session. This means:- Concurrent sessions don’t interfere with each other.
- A script can only read files that were produced in its own session, unless you explicitly pass data between scripts.
- The run environment is cleared after the session ends.
Workspace backups
Your workspace data — scripts, session history, trigger configurations, and connected integrations — is automatically backed up. You don’t need to configure anything for backups to work.Infrastructure
Script.it runs on Google Cloud. The infrastructure includes redundancy at multiple levels and automatic failover, so a failure in one component doesn’t bring down your automations. Scheduled triggers and webhook triggers are designed to continue operating even during maintenance windows.If you have specific compliance requirements or questions about data handling, contact support@script.it.