Appreciate the feedback. The steps you listed are essentially what the site is doing. Upload a PDF, add the black boxes, and it gets converted to PNG and back to a new PDF. The value of this tool is just to streamline that process to make it quicker and easier.

The point about metadata is a good one. I checked a test file that I used, and you can't see metadata from the original PDF; you only see basic info about the new PDF file and that it was produced by pdf-lib.

There definitely could be other things that a redactor should do, but for most use cases I think steganographically stored info lives outside of the threat model.

edit: ran strings on the output file, nothing but PDF structure and compressed image data, no original text content - thanks for the suggestion.
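An added example, not part of the original comment or the tool's code: `strings` only surfaces uncompressed bytes, so this sketch also inflates each non-image FlateDecode stream and reports any text-drawing literals, alongside the document-information fields. The two sample byte strings are constructed stand-ins for a boxed-over PDF and a rasterized one, and all function names are hypothetical.

```python
import re
import zlib

OBJ_RE = re.compile(rb"\d+\s+\d+\s+obj\b(.*?)\bendobj\b", re.DOTALL)
STREAM_RE = re.compile(rb"(.*?)stream\r?\n(.*)\r?\nendstream", re.DOTALL)
TEXT_OBJ_RE = re.compile(rb"\bBT\b(.*?)\bET\b", re.DOTALL)
LITERAL = rb"\(((?:\\.|[^\\()])*)\)"
LITERAL_RE = re.compile(LITERAL)
INFO_RE = re.compile(rb"/(Title|Author|Subject|Keywords|Creator|Producer)\s*" + LITERAL)


def residual_text(pdf: bytes) -> list:
    """String literals drawn by text objects (BT ... ET) in non-image streams."""
    found = []
    for obj in OBJ_RE.finditer(pdf):
        m = STREAM_RE.match(obj.group(1))
        if not m:
            continue  # object has no stream
        header, data = m.groups()
        if b"/Image" in header:
            continue  # pixel data: nothing a text extractor could read
        if b"/FlateDecode" in header:
            try:
                data = zlib.decompress(data)
            except zlib.error:
                continue  # other or chained filters are out of scope here
        for text_obj in TEXT_OBJ_RE.finditer(data):
            found += LITERAL_RE.findall(text_obj.group(1))
    return found


def info_fields(pdf: bytes) -> dict:
    """Document-information entries stored as plain (uncompressed) literals."""
    return dict(INFO_RE.findall(pdf))


def _obj(num: int, header: bytes, data: bytes) -> bytes:
    return b"%d 0 obj\n<< %s /Length %d >>\nstream\n%s\nendstream\nendobj\n" % (
        num, header, len(data), data)


# Constructed samples, not real files: a page whose text layer survives under
# the box, and a rasterized page that holds only an image.
TEXT_LAYER = zlib.compress(b"BT /F1 12 Tf 72 700 Td (Jane Example) Tj ET")
BOXED = (b"%PDF-1.7\n" + _obj(1, b"/Filter /FlateDecode", TEXT_LAYER)
         + b"2 0 obj\n<< /Author (A. Writer) >>\nendobj\n")
RASTER = (b"%PDF-1.7\n" + _obj(1, b"/Subtype /Image /Filter /FlateDecode",
                               zlib.compress(b"\x00" * 64))
          + b"2 0 obj\n<< /Producer (pdf-lib) >>\nendobj\n")
```

This is a heuristic byte scan: object streams, encrypted files and filters other than FlateDecode need a real PDF parser.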