Why does this need to pipe a script into bash from a non-github origin?

And in that script, you're actually piping another script from yet another domain (`https://goblin.reaper.im/`), where reaper.im looks like some kind of ad-infested parking domain?

Not using https is bad.

curl -sf http://goblin.run/github.com/remorses/docker-phobia | sh

Also why just include that shell script in the repo and have people curl that?

Cool, gonna try this soon. Would be great to use in combination with Dive (https://github.com/wagoodman/dive)

Ran this instead of that scary pipe thru sh command

go install github.com/remorses/docker-phobia@latest

No thanks, this looks shady as hell.