pdf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly ingests and processes arbitrary input PDFs (e.g., scripts like scripts/extract_form_field_info.py, scripts/convert_pdf_to_images.py, and scripts/fill_pdf_form_with_annotations.py) and extracts/reads text, form fields, images, and annotations, so it consumes untrusted third-party/user-provided content that could contain embedded instructions.