Mutt contains neither an HTML viewer nor a HTML stripper. Mutt's
internal viewer simply shows the the message part you've chosen to view
as text data. If that message part is an HTML part, then you'd be
viewing the raw HTML (HTML being a superset of "text" data).
You can set auto view to the text/plain content part, which will give
you the plain text part of the message. Then you can use the "v"
command to see the mime parts, and selectively view individual parts as
desired.
I do not know of one built in to Mutt, but you could setup a bash
script that is invoked by mutt, that asks permission (look up the
"read" command and the -p option thereto) and then either invokes the
html to text conversion program (lynx et al.) or does not invoke it,
based upon your answer to the prompt.
Note that "automatically stripping" would itself involve "involuntary
invocation of additional software while viewing untrusted email",
violating your wish not to do so.

Well, you need a secure browser which doesn't e.g. let mails "phone
home". I don't know which of the popular text-mode browsers (lynx,
links, elinks, w3m; any others?) do that well.
Most HTML mails would be quite unreadable if you just stripped off the
tags. But I see what you mean: a program which just takes a HTML file
and renders it as text is less likely to let the mail /do/ anything,
compared to a browser, even a browser in "dump" mode.

Personally I let mutt call w3m to render HTML mail, and hope it
protects my privacy. I don't look at the text version of the mail
(i.e. the other half of the multipart/alternative) since it's
usually useless. Then I curse w3m because it doesn't show the
links in the mail, and so I end up using mutt's view-text command
to search the HTML (and pages of useless CSS) for that link I
want. The whole thing is less than ideal, but if the sender
cannot bother to communicate well, perhaps it wasn't so important
that I read their mails after all.
/Jorgen