by jbstack 137 days ago
Also there's always the risk that the bolt cutter has a defect (perhaps deliberately introduced at some point when it was manufactured) which will cause you more damage than the thing you're trying to prevent by carrying it.

I'm personally a bit wary of introducing a relatively obscure security tool into my setup, to protect against a rare possible attack. The chance that I'll get caught copy-pasting a compromised URL into my terminal is fairly small, and there's also a small chance I'll compromise my system either now or at some later point via a supply chain attack if I use the tool. Which chance is bigger?

1 comment

Is there really a supply chain vulnerability if you inspect the app and never update it?

This is, for me, a "set and forget" kind of tool -- why would I need to update a script?

Are you really inspecting every app you install, including all its dependencies, and the dependencies of those dependencies, to a level of detail sufficient to identify sophisticated and obfuscated backdoors?

In the real world, nobody does this. Instead, you make a conscious choice to trust the apps that you install. Every decision of whether to install an app is a tradeoff between (a) the risk that that trust is misplaced, and (b) the benefits of the app.