Comment by fc417fc802

> how do you actually do that and prove that it's safe?

Obviously you can't. You assume it's best in class based on various factors including the fact that this is the same juggernaut that runs project zero. They also somehow manage to secure their cloud offering against malicious clients so presumably they can manage to parse a pdf to an image without getting pwned.

It would certainly be interesting to know what their internal countermeasures are but I don't know if that's publicized or not.