It's not only the original author, don't forget, but it's any malicious actor that's managed to compromise that hosted script.
It should be viewed in the same way that a package author on NPM or PyPI may publish a malicious package, either themselves or via their account being compromised. It's not particularly common, but nor is it impossible and could present a good target.