Only members of the Script Author group can save Spotfire files with scripts that are marked as trusted.

A file containing a trusted script is automatically executed when needed without first asking for end user consent. If the script is not trusted, the user is prompted to approve and manually trust the script for execution to prevent potentially harmful scripts.

Because the Spotfire Server tells a Spotfire client which scripts are trusted and which are not, a Spotfire client must not connect to unknown servers that the user does not trust. For this reason, the following pop-up is displayed if the user tries to connect to a server that has not been manually added to the list of known servers.

If the user does not trust the administrator of the Spotfire Server, then the user should click No. To limit the exposure of the infrastructure to the TERR, R, or Python script, you can configure the TERR service, Spotfire Service for R, or Spotfire Service for Python to run data functions in a Docker container on Linux. Alternatively, for TERR, you can run scripts in restricted execution mode.