cmux-freestyle
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides a 'one-liner' installation command that downloads a shell script from the author's public GitHub repository and pipes it directly to bash (`curl -fsSL https://raw.githubusercontent.com/manaflow-ai/cmux-freestyle/main/install.sh | bash`). This is a common pattern for CLI tool installation but requires trust in the source repository.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local dispatcher script (`setup.sh`) with various subcommands such as `doctor`, `snapshot`, `web`, and `home`. These scripts perform environment validation, VM snapshot creation, and project bootstrapping.
- [EXTERNAL_DOWNLOADS]: The setup process involves cloning several repositories from the `manaflow-ai` organization (`cmux-freestyle`, `cmux`) and downloading the `cmuxd-remote` binary from GitHub releases, which is then verified against a checksum file.
- [CREDENTIALS_UNSAFE]: The skill documentation describes handling several sensitive keys, including `FREESTYLE_API_KEY`, `TAILSCALE_AUTHKEY`, and `GITHUB_TOKEN`. It correctly advises users to manage these via environment variables or `.env.local` files, following standard security practices for secret management. It also mentions the use of `sshpass` for automating SSH sessions to the created VMs.
Audit Metadata