cmux
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill exposes the agent to untrusted third‑party content because its core CLI includes browser automation commands (e.g., "cmux browser open/goto", "browser get <html|text>", "browser eval", and "snapshot") described in SKILL.md and references/cli-reference.md that navigate to arbitrary URLs and read/execute page content which can influence subsequent actions.
Audit Metadata