curl | sh — why AI agents must not run it unattended
curl | sh is a high-severity command that AI coding agents run without human checkpoints. DestructGuard's strict tier blocks this pattern and logs every approve-or-abort decision to a JSONL audit trail.
curl | sh
What it does
Pipes remote script content directly into a shell interpreter.
Why agents run it
Autonomous coding agents optimize for task completion. When refactoring, cleaning up, or syncing repositories, agents often reach for curl | sh because it appears to solve the immediate problem — without surfacing irreversibility to the operator.
Default blocklist tier
DestructGuard's strict rules tier includes curl | sh by default. Teams on the strict tier also block adjacent patterns. Pair with git pre-commit and pre-push hooks from the Pro Pack for defense in depth.
How to allow with audit
When a blocked command is genuinely needed, DestructGuard prompts for explicit approval and records the decision. Upload the audit log to IncidentScribe to reconstruct what happened before an outage.