Node has a great tool for this, node.vm. Basically you can run a script in your own context, effectively isolate it.
Of course, since Node runs on a single thread, a malicious script can always shut down your server by simply doing:
while (true) {;}
To be completely secure, you need to create a new process and use messaging to communicate.