Fully agree. Unless the script is open source and ofc inspected, there isn't any guarantee it is safe. And virus scanning is not appropriate for customized scripts.
An OIV can also do damage, often by stupidity rather than bad intentions, but at least they can be inspected.
Asi mods are the most dangerous given hard if not impossible to decompile, but even then the average user won't have a clue how to decompile a dll. They won't even have a clue how to unarchive an OIV.
Edit: with the exception of mainstream tools like OpenIV, Codewalker, and the texture toolkit, i never install any mods with .exe files. Same goes for asi files accept the established ones, and never an OIV.
The only truly efficient way to mitigate the effects of such malware is to simply NOT run V as root/admin. Most people are lazy, though, as run all their software with admin privileges, so a full wipe-attempt will, indeed, be quite successful. Using an unprivileged account to run GTA V would perhaps cost you some personal documents under that account, but not much more.