Hi... I am not sure if this is true for all. I have been running scripts successfully on v6.2.4 with a generic role without "edit_scripted" capability.
According to the authorize.conf docs,
edit_scripted lets you edit scripted inputs.
runshellscript as a search command is not supported: http://docs.splunk.com/Documentation/Splunk/6.3.0/SearchReference/Runshellscript
I constructed a role with very few capabilities and could not use runshellscript nor have one of my alerts call a shell script. I added 'edit_scripted' to my pared down role and voila everything started working.
Therefore, I'm guessing that it is a needed capability.
I would love it if someone from Splunk could actually consult the code to answer this question.
perhaps some capabilities are super-sets of editscripted? ie: if you have capability "X" then you don't need "editscripted".
I really wish someone who has access to the splunk code would weigh in here!