pdf-tools

Warn

Audited by Socket on Mar 1, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

Overall, the fragment appears to be a coherently scoped, legitimate documentation piece for PDF tooling. There are no evident malicious behaviors, credential exposures, or unintended data flows in the described content. The only minor concern is a truncated line at the end of the notes, which does not introduce any security risk by itself. The install sources (PyPI) and system dependencies (Poppler) are standard and trustworthy when used in legitimate setups.

Confidence: 75%Severity: 75%
Audit Metadata
Analyzed At
Mar 1, 2026, 05:13 AM
Package URL
pkg:socket/skills-sh/winsorllc%2Fupgraded-carnival%2Fpdf-tools%2F@ad6b0aaa9f4efb0cee241fd6f21e99b39d199e61
Security Audit — socket — pdf-tools