AI-owned script execution

The features on this page require Freeplane 1.13.3 or later. This page covers the AI-owned script host, not the normal Edit script window. For AI help inside the normal script editor, see AI formulas and script editing.

Benefits and risks

Benefits:

  • AI can compile and run its current AI-owned script against the current map selection,
  • shown mode keeps a manual review step,
  • hidden direct run can speed up iterative scripting when you intentionally accept the risk.

Risks:

  • this is one of the highest-risk AI features in Freeplane,
  • models make mistakes,
  • prompt injection through map content or scripts cannot be fully excluded,
  • restricted external permissions can reduce some risks, but they do not make unreviewed execution safe.

Direct AI script execution

To use this:

  • AI tool availability must include Script execution.
  • AI-owned script execution policy must be Hidden, AI may run directly.

If the script needs unrestricted file, write, network, or external process access, enable the corresponding AI-owned script may ... without restriction settings.

Benefits:

  • AI can execute its current AI-owned script without waiting for manual review,
  • this can speed up repeated compile-run-repair cycles.

Risks:

  • there is no user review step before execution,
  • the external-permission toggles can reduce some risks, but they do not make unreviewed execution safe.

For AI-started direct runs, AI-owned dialog Run permissions does not control the execution. Direct AI runs use the four AI-owned script may ... without restriction settings.

User-reviewed AI-owned script execution

To use this:

  • AI tool availability must include Script execution.
  • AI-owned script execution policy must be Shown, user must press Run.

Benefits:

  • Freeplane shows the AI-owned script before it runs,
  • you keep a manual review step.

Risks:

  • user review reduces risk, but it does not guarantee safety,
  • scripts can still be wrong, unsafe, or produce unwanted UI effects.

In shown mode, Freeplane opens a review dialog so you can inspect the script before running it.

AI-owned script review dialog

Shown mode is a review gate. The dialog is for script inspection and Run/Cancel only.

The shown dialog is not a results window. If you later see a popup with script output, that popup usually comes from the script itself.

AI-owned dialog Run permissions

This section matters only in shown mode, when the user presses Run in the AI-owned script dialog.

To use this:

  • AI tool availability must include Script execution.
  • AI-owned script execution policy must be Shown, user must press Run.

AI-owned dialog Run permissions controls which external permissions a user-started Run from that dialog uses:

  • Unrestricted external permissions
  • Use AI-specific external permissions

If you choose AI-specific permissions, the four AI-owned script may ... without restriction settings below determine what the script may do.

Benefit:

  • shown mode lets you keep a review step and still restrict file, write, network, and external-process access.

Risk:

  • even in shown mode, no permission combination can make a bad script safe by itself.

AI-owned external-permission settings

These settings matter whenever AI-owned script execution is enabled:

  • AI-owned script may read files without restriction
  • AI-owned script may write files without restriction
  • AI-owned script may use network without restriction
  • AI-owned script may execute external processes without restriction

Benefits:

  • they let you narrow what AI-owned scripts are allowed to do,
  • they are especially useful when you keep shown review mode.

Risks:

  • enabling broader permissions increases the impact of model mistakes,
  • if network access is allowed, the practical risk can be higher than in a no-network setup.