- No permissions, isolates PDFs in a sandboxed WebView (no network/files access).
- CSP enforces static APK content, blocks fonts.
- Memory-safe rendering with disabled code execution.
- Exploits confined to Chromium’s limited sandbox, restricting system access.
- Reduces risks of code execution, data leaks, or external threats.