Well, technically it's not the curl itself that is the problem, but the "| <shell>" coming afterwards that does the damage. So, if the process is somehow broken up into 1) curl <the_script>; 2) analyse <the_script> and 3) only if safe, then execute <the_script> -- then it's not nearly as bad. Of course, that "analyse" step does all the heavy lifting, and if it happens to involve some form of local LLM then... excitement is guaranteed as they say.
curl can do evil things by itself due to terminal escape codes - a popular one was to set the title and then read the title back, which effectively types text into the terminal
Ah, the xterm "read title" bug, I seem to remember that was fixed some while ago, wasn't it? But yes, that is true, it's possible to exploit anything with enough determination; it wasn't that long ago that "viruses in image files" was a joke, but then we had the Android wallpaper bricker a few years ago... In the meantime, we have a few more layers of indirection between the code and the user, each one of them adding potential surfaces.