by nottorp 754 days ago
Whatever it is, why do people scream about buffer overflows and insecure passwords and overcomplicate everything in the name of security...

... and after that they run externally sourced scripts without even making a local copy ... let alone give them a cursory look ...

1 comments

I think this is right. We routinely check the integrity of the packages and installers that we download using cryptographic hashing. OpenBSD even has a dedicated tool for this purpose.[1] It would make sense to take the same approach with curled shell scripts.

[1] http://www.openbsd.cl/papers/bsdcan-signify.html
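The approach suggested in the comment above, as an added example that is not part of the original thread: keep a local copy of the script, compare its SHA-256 with a pinned digest, and run it only on a match. The function names (`sha256_of`, `run_if_pinned`, `fetch_verify_run`, `demo`) and the sample script are constructed for illustration; the pinned digest is assumed to be published through a separate trusted channel.

```shell
#!/bin/sh
# Added example: verify a fetched script against a pinned SHA-256 before
# running it, instead of piping curl straight into sh.

# sha256_of FILE: print the file's SHA-256 as lowercase hex.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# run_if_pinned FILE EXPECTED_HEX [ARGS...]
# Runs FILE with sh only if its digest matches. Returns 2 if FILE is
# missing or unreadable, 3 on digest mismatch.
run_if_pinned() {
    file=$1; expected=$2; shift 2
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(sha256_of "$file") || return 2
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 3
    fi
    sh "$file" "$@"
}

# fetch_verify_run URL EXPECTED_HEX: download to a local copy, verify, run.
fetch_verify_run() {
    tmp=$(mktemp) || return 2
    rc=0
    curl --fail --silent --show-error --proto '=https' -o "$tmp" "$1" \
        && run_if_pinned "$tmp" "$2" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Constructed demo: a local file stands in for the downloaded script.
demo() {
    d=$(mktemp -d) || return 2
    printf 'echo installed\n' > "$d/install.sh"
    pin=$(sha256_of "$d/install.sh")   # in practice, obtained out of band
    run_if_pinned "$d/install.sh" "$pin"
    printf 'echo tampered\n' >> "$d/install.sh"   # simulate modification
    run_if_pinned "$d/install.sh" "$pin" || echo "refused (rc=$?)"
    rm -rf "$d"
}
if [ "${1:-}" = demo ]; then demo; fi
```

A pinned digest only protects against modification after the digest was recorded; it says nothing about whether the script was safe to begin with, so the local copy is still worth reading before it is run.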