On the point of restricting the contents of the embedded metadata, I think the proposal is right in focussing on the “run scripts with dependencies” angle as an established use case, but should not close the door on other use cases, which I imagine will crop up almost immediately should the PEP be accepted. If the PEP states e.g. that build system metadata “must not” be embedded, how will we find use cases for a potential further PEP in that direction, mentioned in that same breath? I think it would be better to say that any behaviour not described in the PEP is undefined for the time being, but not flat out disallowed.
Anecdata
For example, I have used the exact format being proposed here for a plugin system that used entry points and single source files. The embedded metadata was parsed in a first step, and extracted into a regular pyproject.toml file for installation with standard tools in a second step as needed. This very effectively solved the constraints of that particular situation, but would have been disallowed by the proposed restrictions.