reflex-dev / reflex

🕸️ Web apps in pure Python 🐍

Home Page: https://reflex.dev

Bitdefender reports malicious command line detected during Bun install

m4thfr34k opened this issue · comments

Describe the bug
Bitdefender reports malicious command line detected during Bun install of 'pip install reflex' on Windows 10.

Notification from Bitdefender
The app C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe was passed a malicious command line and has been blocked. Your device is now safe.

Command line: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" powershell -c "irm https://bun.sh/install.ps1|iex"

To Reproduce
Steps to reproduce the behavior:

  1. Create a new python virtual env
  2. pip install reflex
  3. Wait for Bitdefender to complain
  • Code/Link to Repo:

Expected behavior
Installation without notification from Bitdefender

Screenshots
If applicable, add screenshots to help explain your problem.

Specifics (please complete the following information):

  • Python Version: 3.12.2
  • Reflex Version: 0.4.8
  • OS: Windows 10
  • Browser (Optional):

Additional context
I can successfully run the command 'powershell -c "irm bun.sh/install.ps1 | iex"' without issue, so not sure if Bitdefender just doesn't like it coming from the 'pip install reflex'.

I see, perhaps you can temporarily disable Bitdefender's command-line scan feature when running reflex init. See this thread for more: https://community.bitdefender.com/en/discussion/93370/malicious-command-line-detected

I was able to install bun myself by running the command manually. Reported here because of the issue in case this needed a warning for other users or if there was something that could be reported to Bitdefender so this isn't an issue for others going forward. Thanks for the quick response.

We'll keep this one open until we come up with a good solution.

I think ultimately I'd like to see bun and node installed via binary wheels from PyPI so we get better caching and avoid issues with dynamic installation at runtime.