Unfortunately no - the curl commands will by default go out over http, which does not use TLS at all or provide any guarantee of remote server integrity, just like plain TCP.So an attacker with the right network posture (say, they pwned your router or a hop between you and these servers, can just reply with plain HTTP and give you code that you will run.
Like op said, just tack on -f and https://, and remember to do this in the future.
No comments yet.