pdfco
Warn
Audited by Snyk on May 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly exposes PDF.co actions (e.g., "Convert Web Page to PDF" and many PDF import/convert/extract actions) and shows running Membrane actions with input JSON/parameters, which allows the agent to fetch and ingest arbitrary public/web-hosted or user-supplied PDF content from third-party URLs and thus read/interpret untrusted, user-generated content as part of its workflow.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata