To be clear, I want to state that I appreciate your sensitivity to security. I am generally hyper-sensitive to it, too. I'm in the cybersecurity industry (a few patents in the 2FA area) and watch these things very closely.
First of all the computer's in my house, not an office. If someone unauthorized gets into my house and breaches the password of the desktop Mac in my office I've got way bigger problems than that password.
Also, the computer is locked when I'm away from the desk so someone would have to know the password in order to get to the AppleScript to see the password. The folders in which I store my scripts aren't on a network drive, Dropbox, shared folders or anywhere other than the local drive. The drive itself is encrypted using FileVault 2.
So, while you are correct that there is a risk involved, it's one that I'm willing to take in this situation. That all said, I agree keeping or sending passwords in plain text is a risk. Unless it is very carefully thought out I don't recommend that anyone do it.