GraalVM supports running javascript in a sandbox with a bunch of convenient options for running untrusted code.

https://www.graalvm.org/latest/security-guide/sandboxing/