Employee Center role can see "SuiteScripts" directory. I'm thinking to handle with a restriction. Build a dynamic group to define accessible to Administrators only. Add a restriction for that group only to see SuiteScripts" directory. Will this cause issues? How do others handle...?

I manage all folder access through dynamic employee groups based on a saved search isolating roles based on our Delegation of Authority Matrix. I am not positive of the implications of doing this to the script folder but a quick test will tell you. I would imagine it would work fine to run a script even when restricted.

I did the same and tested in SandBox. Scripts still worked. User Event, Client Script.