If you have PDF enabled in your Joomla articles, anyone who views the PDF will see the Jumi code you put into the article. If your include scripts are outside of your web directory, you'd be ok from hackers. Nonetheless, not a very good security featuer. PDF viewing should be disabled until the issue is corrected
Not a Jumi bug but a Joomla! feature.
It's about inborn method with which Joomla processes its content plugins.