Do you have the ability to set the password yourself for the SQL Server login? If so, consider the following:

1. Come up with a string that is derivable from some concatenation of perl's predefined variables (e.g.  $<.$0.$^O or some such) -- use anything you can that "localizes" the string but keeps it invariable when the script is run as intended by the authorized user(s).
2. Get the MD5 signature of that string (formatted as base64), randomly select some subset of characters from the signature and put them together in some way to make the password.

Now all you have to do is write the script to derive the password in the necessary fashion, and bingo -- your password is generated at runtime.

I suppose that could be construed as skirting the official policy, but you can point out truthfully that the stated policy conditions are met: the password is not stored as clear text in source code, config file or registry. (It's built on the fly via variables that are likely to have unsuitable values if the script is usurped.)

If you are not able to change the password, play with a few different ways of deriving a string, until you find one such that a base64 MD5 sig contains the characters that make up the password, and build some suitably obfuscated way of pulling those characters in the needed order out of the sig.