Malicious code’s color is set to that of the background, it’s font size is set to 0, it is moved away from rest of the code and it is made un-selectable
Looking is not always sufficient, there can be embedded subshells, newlines, etc. that’ll caise execution immediately. You need to inspect it in a separate program very carefully. Frankly, you probably shouldn’t ever copy and paste anything into a shell. Type it by hand. In a similar vein there are beautiful ways to hide malicious payloads in installer scripts (e.g. inspecting the user agent do it shows up as harmles when inspected in a browser) which are ever so popular with “hip” developer tools that can’t be arsed to go through the hassle of getting included in a distro properly, because releasing ten versions a day is “modern”…
Most modern terminals will show you the text before actually pasting, but this is good advice regardless.
