Shellax Guide
Document Security Checklist for PDFs and Office Files
If your team regularly receives files from email, vendors, clients, or public uploads, a lightweight checklist helps reduce avoidable exposure. This checklist is designed for quick triage before opening or forwarding a file internally.
Before opening
Confirm who sent the file, whether it was expected, and whether the filename matches the surrounding context. Treat urgency, invoice language, and unexpected attachments as higher risk until proven otherwise.
During inspection
Check the file type, scan for script or macro indicators, and look for embedded objects, suspicious relationships, or action triggers. For PDFs, review JavaScript and auto-action clues. For Office documents, inspect for macro artifacts and hidden content.
Scanner review
Run malware scanning where possible and compare the result with structural findings. A file that is structurally suspicious but scanner-clean may still require containment. A file flagged by a malware scanner should be escalated immediately.
Decision points
Mark files as clean enough to proceed, suspicious and in need of sandboxing, or dangerous and in need of quarantine. The important part is consistency. A repeatable process reduces risky one-off decisions by individual users.
After review
Document what was found, how the file was classified, and what actions were taken. Good records improve future triage and make recurring patterns easier to spot across multiple uploads or senders.
Related tools and guides
Use the document security scanner for mixed uploads, the PDF malware scan for PDFs, and the DOCX macro checker for suspicious Word files.