I think the easiest solution to prevent such injections is just to render PDFs by page into images, and feed the images into whatever downstream task. I believe this is enough to prevent the attacks techniques listed in the repo :)

[dead]

[dead]