Security: More granular permission levels

Since an admin can upload AND execute a script, a compromised admin account means that an attacker can create and run a malicious script on all immybot endpoints.

We would like to have the ability to separate the script creation / upload of a new script from the ability of executing scripts on endpoints. That way, we can have separate accounts for each tasks.

Thank you,