Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's FORMS.md workflow and accompanying scripts (e.g., scripts/convert_pdf_to_images.py, scripts/extract_form_field_info.py, scripts/fill_pdf_form_with_annotations.py) require the agent to ingest and interpret arbitrary user-supplied PDF content, including rendered page images and extracted text and annotations, as part of its mandatory processing and decision steps. Untrusted third-party PDF content could therefore materially influence tool use and next actions.