pdftk-server

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's examples and workflows show embedding plaintext passwords directly into pdftk command-line arguments (owner_pw/user_pw/input_pw), which requires the LLM to include secret values verbatim in generated commands and therefore poses an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill operates on arbitrary user-supplied PDF files (see "Input PDF Files" and commands like "pdftk input.pdf ...", "dump_data"/"dump_data_fields", and "unpack_files"), so it clearly ingests untrusted third-party content that could carry indirect prompt-injection content.