Mitigating the risk of downloading a script from the internet and executing it
-- even from a "trusted" website or package manager -- is absolutely a good reason not to use it.
Any decent distro has it. So you don't need to execute any random scripts, just install it or prepare the image with it for your OS install. That's it.
I don't really get this whole defaults being a blocker for tools choice.
I don't really get this whole defaults being a blocker for tools choice.