read_pdf

Primary V3 PDF reader. With only sources, it auto-inspects and returns a routed Agent Document Twin; use auto_detail or explicit include_* options for precise control.

Server Pdf Reader @sylphx/pdf-reader-mcp
Category Read
Risk class Low
Parameters 121 required

What read_pdf does on Pdf Reader

AI agents call read_pdf to retrieve information from Pdf Reader without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.

ParameterTypeRequiredDescription
auto boolean Automatically inspect each source and choose high-value extraction options before reading. Defaults to true when no explicit include_* options are supplied; exp
sources array Yes
auto_detail object Automatic extraction depth. fast returns the core document twin route, balanced adds trust/accessibility evidence, and full adds fuller text/HTML/structure outp
include_html boolean Include a simple HTML rendering of extracted pages for preview, export, and downstream conversion.
sample_pages integer Maximum number of pages to sample per source when automatic inspection is enabled. Defaults to 5.
include_chunks boolean Include page-level citation-ready chunks with text, element IDs, page ranges, and best-effort bounding boxes.
include_images boolean Extract and include embedded images from the PDF pages as base64-encoded data.
include_tables boolean Detect and extract tables from PDF pages. Uses spatial clustering of selectable text coordinates and, when include_ocr_text_layer is enabled, OCR word boxes to
include_outline boolean Include document outline/bookmark entries when the PDF exposes them.
include_elements boolean Include agent-ready structured document elements with page numbers, stable IDs, provenance, and best-effort bounding boxes.
include_markdown boolean Include a Markdown rendering of extracted pages for RAG, summarization, and agent context.
include_metadata boolean Include metadata and info objects for each PDF.

Parameters from the server's own tool schema.

Why read_pdf needs a policy

This tool retrieves and queries PDF file content. It has no side effects—it does not create, modify, delete, or execute operations. The mechanism of 'auto-inspect' and content routing is still fundamentally a read operation. Severity is low because unauthorized PDF reading carries limited direct harm compared to write, execute, or destructive operations, though sensitivity depends on document classification.

From the tool's definition Tool name 'read_pdf' and description states it 'returns a routed Agent Document Twin' with options for reading PDF content.

Risk signalsAccepts file system path (sources[].path) · Accepts URL/endpoint input (sources[].url) · High parameter count (36 properties)

Questions about read_pdf

What does the read_pdf tool do? +

Primary V3 PDF reader. With only sources, it auto-inspects and returns a routed Agent Document Twin; use auto_detail or explicit include_* options for precise control. It is categorised as a Read tool in the Pdf Reader MCP Server, which means it retrieves data without modifying state.

What parameters does read_pdf accept? +

read_pdf accepts 12 parameters: auto, sources, auto_detail, include_html, sample_pages, include_chunks, include_images, include_tables, include_outline, include_elements, include_markdown, include_metadata. Required: sources. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on read_pdf? +

Register the Pdf Reader MCP server in PolicyLayer and add a rule for read_pdf: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Pdf Reader. Nothing to install.

What risk level is read_pdf? +

read_pdf is a Read tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit read_pdf? +

Yes. Add a rate_limit block to the read_pdf rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block read_pdf completely? +

Set action: deny in the PolicyLayer policy for read_pdf. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides read_pdf? +

read_pdf is provided by the Pdf Reader MCP server (@sylphx/pdf-reader-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.