PDF Processing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed plaintext passwords in commands and code (e.g., qpdf --password=mypassword --decrypt ... and writer.encrypt("userpassword","ownerpassword")), which encourages the LLM to output secret values verbatim and is therefore insecure.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly processes arbitrary, user-supplied PDF files (see FORMS.md and scripts like extract_form_field_info.py, convert_pdf_to_images.py, fill_pdf_form_with_annotations.py) and extracts/interprets text and form data from those documents, so it ingests untrusted third‑party content the agent will read.