First Seen: Feb 18, 2026
Last Scanned: Feb 22, 2026
Findings: 2
Score: 75/100
Findings (2)
Detects patterns of downloading and piping to shell execution
curl | sh
Download the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.
Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.
Detects chained commands using shell operators with dangerous operations
echo "peekaboo not on PATH"`
### B) Keep commands single-purpose
Prefer multiple small commands over one “do everything” pipeline. This makes it easier to review and safer to approve.
### C) Lon...
Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.