It's safe to say that I don't get your point.It's complex enough to me. Isn't the origin of the script = the webpage I'm visiting?
But you also write about an option for injecting one's own JS instead, right? But I agree that NoScript is complex and can lead to important mistakes.