Cinap mostly covered this, but yeah: if you don't trust the
system you're connecting to, cpu isn't really safe[1]. But
then, neither is anything else: even the simplest service
(say, telnet) can be trivially bugged with things like key
loggers if the remote side's untrustworthy.

If you've not read it, you (and everyone else in CS) should
read "Reflections on Trusting"[1], by Ken Thompson,
describing how he bugged the login program and then
made it roughly undetectable. Things like cpu's -P can
help in a sense, but at some point it comes down to
trusting the humans on the remote end.

[1]     http://cm.bell-labs.com/who/ken/trust.html