It’s interesting in that shell scripts (small one’s) seem just like friendly bits of code that you can run. That’s not always the case, it’s probably never a good idea to just download a script and run it (esp using curl or wget). I discovered this very interesting article the other day about terminal escape injection and it works on pretty much every platform – mac, windows linux and even within python!
When in dought use cat -v in fact cat -v may be my new default for viewing code!
https://www.infosecmatter.com/terminal-escape-injection/