If you are worried about these things you can just take advantage of the "versatility" of the script.
A separate download with the keys posted on pastebin is a possible option.
The usage of "compressed MEMORY_FILE" (http://aluigi.org/bms/file_compressed_var.bms
) works at some level too since the keys can't be indexed on search engines.
There is even an interesting alternative like encrypting the file with the keys using rc4 (non-block-cipher, even a simple xor if you prefer) and your own key and then prompting the user to insert the correct key for going forward. No key, no extraction
It would be up to you to decide how distributing the key and where (a comment in the script?).