
Yeah, you don't actually want to pipe to less and then rerun piped to bash because it's vulnerable to a TOCTOU problem. You want to save it the first time, then read it in your editor.

When you distribute those scripts around your org, you also want to verify them with a sha256 hash or something like that. This is what I do for installers I use this way and other software downloaded over HTTPS at work.

I also generally avoid installers that download other installers. If you've got a script that downloads platform-specific installers, you may prefer to write out specific instructions for each platform and download the platform-specific binaries directly. A shell installer like this running curl is a red flag imo.
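
An added example, not part of the comment above: one way to make sure the bytes you reviewed are the bytes that run, by checking a saved installer against a pinned SHA-256 before executing it. The function names and the stand-in installer are constructed for illustration.

```shell
#!/bin/sh
# Added example: run a saved installer only if it matches a pinned SHA-256.
# sha256_of, run_pinned and demo are hypothetical names; the installer is constructed.

# Print the SHA-256 of a file as lowercase hex (GNU coreutils or BSD/macOS shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# run_pinned FILE EXPECTED_SHA256 [ARGS...]
# Copies FILE to a private temp file, hashes the copy, then runs that same copy,
# so a change to FILE between the check and the run cannot slip through.
run_pinned() {
    src=$1; expected=$2; shift 2
    tmp=$(mktemp) || return 2
    cp -- "$src" "$tmp" || { rm -f "$tmp"; return 2; }
    actual=$(sha256_of "$tmp")
    if [ "$actual" != "$expected" ]; then
        echo "hash mismatch for $src: got $actual" >&2
        rm -f "$tmp"
        return 1
    fi
    sh "$tmp" "$@" && rc=0 || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Constructed demo: save a script, pin its hash after review, then change it.
demo() {
    dir=$(mktemp -d) || return 2
    printf 'echo "installed"\n' > "$dir/install.sh"
    pin=$(sha256_of "$dir/install.sh")          # recorded after reading the file
    ok=$(run_pinned "$dir/install.sh" "$pin")   # matches the pin, so it runs
    printf 'echo "tampered"\n' > "$dir/install.sh"   # content changes after review
    bad=$(run_pinned "$dir/install.sh" "$pin" 2>/dev/null) && rc=0 || rc=$?
    rm -rf "$dir"
    echo "$ok|$bad|$rc"
}

demo
```

The second call prints nothing and returns 1 because the modified script is never executed.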



