Question: What precautions should I take when I let clients add custom JS scripts to their pages?

IF you want more details:

I am working on a custom CMS like project for a company, The CMS has number of “groups” that each subscriber “owns” where they do their own thing.

The new requirements is that some groups want to add google analytics to see how they are doing. So I naturally added a column in the table and made code adjustements so if there is some data in that column, I just use the following line in master page to set the script out:

ScriptManager.RegisterClientScriptBlock(Page, typeof(Page), "CustomJs", CustomJs, true);

It works just fine, only, It got me thinking…

It’s really easy for someone with good knowledge of how to access cookies etc from from js. Sure, each group is moderated and only super admin can add this javascript, sure, they wouldn’t be silly enough to hack their own group. Each group has their own code so its not possible to hack other groups BUT STILL

I am not really comfortable in letting user’s add their own javascript codes.
I could monitor each group myself, but the groups are growing really quick and I will hit a time when I will no longer be able to do that.

So, to brief it up: What precautions should I take to avoid any mishaps ?

ps: did try to google, no convincing answers anywhere.