When we discussed the Terms of Service and multi-account play previously I was heartened by Artem's response, to paraphrase: there are no new rules other than the rules as written but don't try to circumvent these rules with code.
1. Offline command execution should be ok because of the 2 levels of uncertainty: the results of the correct context for a command are not knowable by an external script, and commands are not executed until the following tick. This means at minimum a 2 tick latency for commands.
2. I consider offline training of an AI to be a primary motivation for experimenting in this game. Getting that AI to perform well is a challenge because of the limitations placed on user scripts: limited CPU and 12MB of persistent storage. Offline pathfinding is hardly an issue and using it is just a crutch which limits the abilities of a script.
3. information leakage is the most significant use of the web API "not as intended" by the developers and the thing I think we should be addressing.
Already we have both public and private services which scrape the web API in order to gain new information and reveal tactical information about the game world. Some of these services mirror functionality which could be gained by having a large network of allies in the game, but other services can remove gameplay constraints and provide an advantage which can only be repaired by hiding information from the best advertisement for the game: the ability to spectate the living world.
I propose that communication creep population from the web API and introducing this information to the game without human intervention should result in a ban. I don't think that any other data tool like portal or markets is as threatening to the core gameplay as unlimited visibility of creeps on the map.