We are indeed researching how to support this, we even had that supported by passing them as arguments but that exposes some security concerns as they would be cached in shell’s command history. So we are looking at alternatives like mentioned above.
This is just another type of UI on top of the safe_authenticator library, as an alternative to the GUI we have in the browser. Thus in terms of API, that should be coming from the safe_client_libs API (and potentially its language bindings), we in fact already had some internal discussions in relation to this aspect.
As per this tool, the idea is that it can be integrated with other apps in different forms, including the system URI already used in browser and apps, or chaining this app using its stdin/stdout with other apps, or using the webservice it already exposes (PoC now and we should see which form such interface should have moving forward).