Yes, that's the point. You can, and probably should do that, but the guides don't bother with what is essentially making one command two because two commands is one more for someone to screw up.

I think the trade off they are taking is fundamentally a bad one with respect to security and accountability. It's not even about checking the script ahead of time. It's about checking what was actually run at a later date to see what happened. If the script is never stored to disk, determining whether a short lived hack of the script source affected you is much harder.

No, they don't bother because most people won't understand the script anyway, and just rely on the fact that many people have installed Rust this way and nothing bad happened to them.

You don't need to understand the script to have it in the directory and run a sha1 or md5 against it, and compare it against what should have been returned when there's an announcement that there was a problem.

That is what I mean by accountability. When nothing is left on disk of what was specified to execute, there's severely limited recourse in figuring out what happened.

I'm not suggesting every person does:

    curl > install.sh
    less install.sh
    sh install.sh

I'm suggesting they should be directed to do:

    curl > install.sh
    sh install.sh

and then later if there's a known problem, there are fairly easy ways for them (even a novice) to determine whether what they ran was legitimate or not. Piping a web request directly to a shell is a poor trade off WRT security to request of anyone, IMO. By that I mean that the gain in ease of use is extremely small, but the loss in accountability is fairly large in the case that there's a problem.