High-risk tools in Cmux Agent
29 of the 63 tools in Cmux Agent are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
cmux_browser_consoleExecuteGet or clear browser console logs/errors.
-
cmux_batchExecuteExecute multiple CMUX operations in a single MCP call. Each step references an existing cmux tool by name and provides its parameters. Steps run sequentially. Later steps can re...
-
cmux_browser_evalExecuteExecute JavaScript in the browser page.
-
cmux_browser_navigateExecuteNavigate the browser: goto a URL, or go back/forward/reload.
-
cmux_browser_waitExecuteWait for a condition in the browser (selector, text, URL, load state).
-
cmux_new_paneExecuteCreate a new pane (terminal or browser) in a workspace. Returns the new surface ref.
-
cmux_new_splitExecuteSplit an existing pane. Returns the new surface ref and updated pane count. -
-
cmux_new_surfaceExecuteCreate a new surface (tab) — terminal or browser.
-
cmux_new_windowExecuteCreate a new window. Returns the window ref.
-
cmux_respawn_paneExecuteRestart a pane process.
-
cmux_startExecuteLaunch CMUX if not already running. Opens the cmux.app.
-
cmux_browser_clickExecuteClick an element in the browser.
-
cmux_browser_fillExecuteFill an input field in the browser.
-
cmux_browser_openExecuteOpen a browser surface (split in the current workspace).
-
cmux_browser_tabExecuteManage browser tabs (new, list, switch, close).
-
cmux_browser_typeExecuteType text into an element in the browser (key by key).
-
cmux_drag_surface_to_splitExecuteMove a tab into a split position — turns a tab into its own pane by dragging it to a side. Does not close the tab.
-
cmux_focus_paneExecuteFocus a specific pane.
-
cmux_focus_windowExecuteFocus a specific window.
-
cmux_join_paneExecuteJoin a pane into another pane — merges two split panes together without closing either. The opposite of break-pane.
-
cmux_resize_paneExecuteResize a pane in a direction.
-
cmux_select_workspaceExecuteSwitch to a specific workspace.
-
cmux_sendExecuteSend text to a surface without pressing Enter. Works on all surface types (plain terminals and AI CLI agents).
-
cmux_send_keyExecuteSend a key press to a surface (enter, tab, escape, backspace, delete, up, down, left, right, ctrl+c, etc.). Works on all surface types.
-
cmux_send_key_allExecuteSend a key (e.g., ctrl+c, escape) to ALL panes in a workspace. Useful for cancelling all agents.
-
cmux_send_panelExecuteSend text to a specific panel.
-
cmux_send_submitExecuteSend text and press Enter to a surface. Works on all surface types (plain terminals and AI CLI agents).
-
cmux_send_submit_someExecuteSend the same text + Enter to SPECIFIC surfaces (not all). Target by surface refs — useful when only some agents need the same instruction.
-
cmux_session_recoverExecuteRecover a crashed CMUX session from the saved manifest. Recreates all workspaces, panes, and RESUMES each CLI
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.