Comment 2 for bug 1196731

blockdiag looks safe. It writes tag contents to a file, then runs blockdiag against it. blockdiag doesn't have directives that shell out, write anywhere, or read from anywhere. The MW extension shells out, but none of the parameters are based on user content. It's written for a really old version of MW. It may be necessary to update the code and upstream it, but I'll try it out to see.