I would suggest that running cron via the ‘pi’ user would be preferred (always try to run with the lowest privilege possible).
In terms of credentials in a plain-text password file, a better solution would be to use an API Token (or similar) which wouldn’t need to use the cPanel username/password.
The script would need to be re-coded to support API tokens
https://documentation.cpanel.net/display/DD/Guide+to+API+Authentication+-+API+Tokens+in+WHM
I would suggest that running cron via the ‘pi’ user would be preferred (always try to run with the lowest privilege possible).
In terms of credentials in a plain-text password file, a better solution would be to use an API Token (or similar) which wouldn’t need to use the cPanel username/password.
The script would need to be re-coded to support API tokens
https://documentation.cpanel.net/display/DD/Guide+to+API+Authentication+-+API+Tokens+in+WHM