The risk here is different but you could imagine someone trying to migrate password managers and pasting a script they found on GitHub that purported to help.