If you're telling people to run random commands in their terminal that lead to local code execution, then you should trust that they can read a goddamn URL.
If you don't think your user base can read URLs, then you shouldn't be telling them to launch the terminal and run your code.
You are providing an HTTP link to git.io, so it cannot be verified whether I am connecting to the real git.io. This means an attacker can fake himself being git.io very easily (a classic man-in-the-middle attack).
It doesn't matter if git.io can only shorten git urls, as git.io will never be involved in a potential attack.
Using a link shortener is okay, but use one that supports HTTPS.
