Many shell users, and certainly most of the people working in computer forensics or other fields of information security, have a habit of running /usr/bin/strings on binary files originating from the Internet. Their understanding is that the tool simply scans the file for runs of printable characters and dumps them to stdout - something that is very unlikely to put you at any risk.
more here........http://lcamtuf.blogspot.com/2014/10/psa-dont-run-strings-on-untrusted-files.html
more here........http://lcamtuf.blogspot.com/2014/10/psa-dont-run-strings-on-untrusted-files.html