Except it is insanely more difficult to pwn someone with a malicious JPG than it is to own someone who runs the script they just privately got from you....none of your arguments hold water and honestly they are stretching very far to try to make what you are doing appear to be anything other than sketchy with a capital S.