No solution that runs on the client side can be made secure. That is true for any software, not only UIvision.
But maybe look at Demo Embed RPA software scripts into a website - the macro code is still visible, but at least you do not need to send the macro code to your users directly. So it is “a little bit” secure and very convenient for the users.
I can run the scripting portion on a remote server and use the extension just as a client?
Well, you can run everything on the server by using the RPA command line. But then everything happens on the server. I think that is not what you want.