I would read up on the security section. Only the developer should really have access to a Full Access privilege set. Your user would have another privilege set that has the limitating factors. If there is something that needs to be done witha script that she does not have access to normally, then you can run the script with Full Access which will grant her temp access only for the specific functions of the script. So lets say she doens not have access to edit a certain field. Well she ran the script normally, it will error out because she can not modify the field. However, it run will full access, then she can edit the field via the script.
Best bet is to read up on it until you are comfortable and then come back with more specific questions.