Totally Safe Downloads

This site hosts harmless demos of what can happen when someone says "just download this" or "paste this command into your terminal" and your survival instinct takes the afternoon off.

Safe demos of unsafe habits.
Suspicious commands, explained before they bite.
Security theater, but the educational kind.

Current Demo

legit.sh

A harmless shell script that pretends to collect interesting local details. In a real attack, this is where the quiet uploading, regrettable screenshots, and incident report would begin.

Definitely a file
Looks bashy
Auditable, if you audit it

$ curl https://totally-safe-to.download/legit.sh | bash
# Congratulations, you have outsourced trust to vibes.

The script is intentionally harmless. The pattern is not. Read the file first, understand it second, run it never-ish.

Inspect legit.sh Direct file URL

Downloads Are Code

Files are not magic envelopes. Sometimes they are instructions with permissions and opinions about your home directory.

Pipes Are Trust Falls

`curl | bash` is efficient, which is also what people say about forklifts before driving one through a wall.

Harmless On Purpose

These demos are built to teach without causing damage. The real internet did not agree to the same terms.

Do not blindly run things from the internet, including this very convincing website. Especially this very convincing website.