It is on the level of "sudo curl URL". It is an obviously stupid thing to do from a security perspective, but projects have suggested doing it to install their software.

If you are new to helm or haven't considered the security around it, it is good to know what to look out for.