> You never run curl dumping to stdout?

Not against untrusted URLs, no.

> You never cat or less a file you downloaded?

I don’t download untrusted files.

> You never ssh to servers run by other people?

100% no.

——-

Sounds like what you need more is a VM ;) executing anything untrusted in a secure environment is a dumb move.