So the attack vector is executing javascript in PDFs, other scripts in SVG images or Macros in office documents.
I am curious if the PDF viewer runs any javascript code at all?
And what image viewer would you use to open such images in the first place? All viewers I know have access at least to all my photos, which is kind of a lot.
Then dangerzone is also for converting office files. I am not sure if CollaboraOffice Android even executes Macros or if they werent simply broken. Collabora Office can use the filechooser portal and thus run fully sandboxed.
Then dangerzone is sanitizing documents without opening them. It uses a restricted podman sandbox and gVisor, a memory safe and minimal application kernel, which should prevent attacks on the kernel directly.