If you can get the package included in a standard OSS apt repository like Debian/free or Ubuntu/universe (which are independently compiled, and promote reproducible builds), it would be easier to trust and install your package without having to blindly execute (or take the time to understand) some arbitrary shell script downloaded from the web. Since it's a security application, it would benefit a lot from this trust, and reach more users.
Then one could install it with just sudo apt install softu2f.
Since you already have all the automation and builds set up, and the software is considered stable/final, it might be easier to get it included. See RTP/ITP in https://unix.stackexchange.com/questions/620672/how-can-i-publish-a-deb-package
If you can get the package included in a standard OSS apt repository like Debian/free or Ubuntu/universe (which are independently compiled, and promote reproducible builds), it would be easier to trust and install your package without having to blindly execute (or take the time to understand) some arbitrary shell script downloaded from the web. Since it's a security application, it would benefit a lot from this trust, and reach more users.
Then one could install it with just
sudo apt install softu2f.Since you already have all the automation and builds set up, and the software is considered stable/final, it might be easier to get it included. See RTP/ITP in https://unix.stackexchange.com/questions/620672/how-can-i-publish-a-deb-package