Is it secure

[vv01f]

It is not secure to put secret keys online for e.g. signatures, but for encryption you need public keys only.
There should be no problem put to a (dedicated) public key online.

A problem can be if the JavaScript is served online and the connection cannot be trusted (that usually is the case on the internet), it is perfectly possible to change the deployed script and/or pubkey. To counter this you may want to activate TLS (aka SSL / HTTPS) and make sure the certificate is not exchanged (by certificate pinning).

Also this can be run locally / offline if e.g. you do not have a connection to a website and no rights to execute a email client with PGP.

You still will need a secure / trusted setup for decryption and signing, but that's the case with any client.

Still some encryption is better than none. Please provide at least your PGP keys in your imprint to enable others using it.