• use generic URL scheme jump authorization method
• synchronize user scripts from a specified repository path
• store the authorization token in the system keychain (if feasible)
• update strategy based on file hash or update time instead of metadata

Just to record some key points and ideas, no promises, no estimated time.