Not reassuring

Many have bemoaned the trend of installing Unix software by downloading a script from the web and piping it to the shell.

Usually people providing such installers invite users to review the source code to ensure it’s not doing anything malicious.

But not pip!

Download and execute it, using the Python interpreter of your choice:

$ curl | python

This may have to be run as root. [emphasis mine]

This is the first couple lines of

#! /usr/bin/env python

sources = """

Not reassuring.