Yes, it's generally a bad idea to run everything you see on the web, but in this case my users know me in real life and could hunt me down if I sent them a virus. :)

And how is clicking "open" instead of "save" and then running it a security hole? They both accomplish the same thing but the first method doesn't require you to delete the file you saved later. Is it a case of more clicks = more security?

Anyway, this whole project is all about convenience, so the suggestions about giving them the command that they can run themselves kind of defeats the whole purpose. Thanks, though.