Expert guidance for developing and testing security-focused markdown sanitization packages (harden-react-markdown and markdown-to-markdown-sanitizer). Provides repository-specific commands, testing strategies, and security best practices.
Expert guidance for the vercel-labs/markdown-sanitizers monorepo containing security-focused npm packages for hardening markdown against data exfiltration attacks through LLM prompt injection.
This monorepo contains two related packages:
1. **harden-react-markdown**: React wrapper for `react-markdown` with URL filtering
2. **markdown-to-markdown-sanitizer**: Standalone markdown-to-markdown sanitizer for third-party rendering (GitHub, GitLab)
**Package Manager**: pnpm (NOT npm)
When exploring this codebase:
**Root-level commands:**
```bash
pnpm test # All packages
pnpm run test:harden-react-markdown # React wrapper only
pnpm run test:markdown-to-markdown-sanitizer # Sanitizer only
```
**Package-specific testing:**
For `harden-react-markdown`:
```bash
cd harden-react-markdown
pnpm test # Run all tests
pnpm run test:watch # Watch mode
pnpm run test:ui # UI mode
```
For `markdown-to-markdown-sanitizer`:
```bash
cd markdown-to-markdown-sanitizer
pnpm test # All tests
pnpm run test:watch # Watch mode
pnpm run test:ui # UI mode
pnpm run test:coverage # With coverage
pnpm test -- tests/basic-sanitization.test.ts # Single file
```
**Building:**
```bash
pnpm run build
pnpm run prepublishOnly # Build + test
```
**Type checking and linting:**
For `markdown-to-markdown-sanitizer`:
```bash
pnpm run check-types # Source files
pnpm run check-types:tests # Test files
pnpm run check-types:all # Everything
pnpm run lint # Source files
pnpm run lint:tests # Test files
```
Both packages benefit from shared bypass attempt tests. To add new security tests:
**harden-react-markdown:**
**markdown-to-markdown-sanitizer:**
- `MarkdownSanitizer`: Main orchestration
- `UrlNormalizer`: URL validation and prefix matching
- `HtmlSanitizer`: DOMPurify wrapper with GitHub-compatible rules
When working with URL filtering:
**These packages are for defensive security only:**
**Do NOT:**
**Adding a new security test:**
1. Create markdown file in `markdown-to-markdown-sanitizer/tests/bypass-attempts/`
2. Run `pnpm test` from root or package directory
3. Verify both packages handle the attack vector
4. If bypass succeeds, implement fix in appropriate package
**Making changes to URL filtering:**
1. Modify `UrlNormalizer` in markdown-to-markdown-sanitizer
2. Update corresponding logic in harden-react-markdown if needed
3. Run full test suite: `pnpm test`
4. Add specific test cases for new behavior
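The following is an added example, not code from `vercel-labs/markdown-sanitizers`. It illustrates what the `UrlNormalizer` component's "URL validation and prefix matching" has to get right, and gives a small leak oracle of the kind a bypass-attempt test can run over sanitized output (steps 1-3 of "Adding a new security test" above). Every name in it (`UrlPolicy`, `normalizeUrl`, `isAllowed`, `applyPolicy`, `findDisallowedUrls`, the `POLICY` and `SAMPLE` values) is hypothetical; the real packages expose their own options and rewrite the parsed syntax tree rather than using regexes.

```typescript
// Added example, not code from vercel-labs/markdown-sanitizers. All names are
// hypothetical; the real packages define their own options and work on the
// parsed markdown tree instead of regexes.

// Hypothetical policy shape.
interface UrlPolicy {
  defaultOrigin: string;          // base used to resolve relative destinations
  allowedLinkPrefixes: string[];  // absolute URL prefixes links may point to
  allowedImagePrefixes: string[]; // absolute URL prefixes images may load from
}

// Only these schemes can survive; javascript:, data:, vbscript: etc. are rejected.
const SAFE_SCHEMES = ["http:", "https:"];

// Step 1: resolve and canonicalise a raw destination. Returns null when the
// destination cannot be parsed or uses a scheme outside SAFE_SCHEMES.
function normalizeUrl(raw: string, defaultOrigin: string): string | null {
  let url: URL;
  try {
    url = new URL(raw.trim(), defaultOrigin); // relative paths resolve against defaultOrigin
  } catch {
    return null;
  }
  if (SAFE_SCHEMES.indexOf(url.protocol) === -1) return null;
  // Drop userinfo so "https://example.com@evil.test/" cannot pass a naive
  // string comparison against an "https://example.com" prefix.
  url.username = "";
  url.password = "";
  return url.href;
}

// Step 2: prefix matching on the parsed URL, not on the raw string. Comparing
// origins first stops "https://example.com.evil.test/" from matching the
// prefix "https://example.com/".
function isAllowed(normalized: string, allowedPrefixes: string[]): boolean {
  const url = new URL(normalized);
  return allowedPrefixes.some((p) => {
    const prefix = new URL(p);
    return url.origin === prefix.origin && url.pathname.startsWith(prefix.pathname);
  });
}

// Illustrative rewrite: unwrap disallowed links to their text and drop
// disallowed images. Handles only simple inline links/images; a real
// sanitizer must also cover reference links, autolinks and raw HTML.
function applyPolicy(markdown: string, policy: UrlPolicy): string {
  return markdown.replace(
    /(!?)\[([^\]]*)\]\(\s*<?([^\s)>]+)>?\s*\)/g,
    (match: string, bang: string, text: string, dest: string) => {
      const normalized = normalizeUrl(dest, policy.defaultOrigin);
      const prefixes = bang ? policy.allowedImagePrefixes : policy.allowedLinkPrefixes;
      if (normalized !== null && isAllowed(normalized, prefixes)) return match;
      return bang ? "" : text;
    },
  );
}

// Collects regex matches (capture group `group`) into `into` without duplicates.
function collect(text: string, re: RegExp, group: number, into: string[]): void {
  let m: RegExpExecArray | null;
  while ((m = re.exec(text)) !== null) {
    if (into.indexOf(m[group]) === -1) into.push(m[group]);
  }
}

// Leak oracle for bypass-attempt fixtures: every link/image destination and
// every bare http(s) URL left in the output must be allowed by at least one
// prefix list; anything else is reported. A test fails if the list is non-empty.
function findDisallowedUrls(markdown: string, policy: UrlPolicy): string[] {
  const candidates: string[] = [];
  collect(markdown, /\]\(\s*<?([^\s)>]+)/g, 1, candidates);            // link/image destinations
  collect(markdown, /https?:\/\/[^\s<>()\]"']+/gi, 0, candidates);     // bare URLs (autolinked by GitHub)
  const allowed = policy.allowedLinkPrefixes.concat(policy.allowedImagePrefixes);
  return candidates.filter((raw) => {
    const normalized = normalizeUrl(raw, policy.defaultOrigin);
    return normalized === null || !isAllowed(normalized, allowed);
  });
}

// Constructed sample policy and fixture, not taken from the repository's tests.
const POLICY: UrlPolicy = {
  defaultOrigin: "https://example.com",
  allowedLinkPrefixes: ["https://example.com/"],
  allowedImagePrefixes: ["https://example.com/"],
};

const SAMPLE = [
  "See [the docs](/docs/intro) and ![logo](https://example.com/logo.png).",
  "[exfil](https://evil.test/?q=data) ![pixel](https://example.com@evil.test/p.gif)",
  "[js](javascript:alert%281%29) and a bare https://evil.test/bare link",
].join("\n");

// The oracle still flags the bare URL the regex rewrite left behind, which is
// exactly the kind of gap a bypass-attempt fixture is meant to surface.
console.log(findDisallowedUrls(applyPolicy(SAMPLE, POLICY), POLICY));
```

The point of the oracle is that it is independent of the sanitizer: it reports any destination the policy would not have accepted, so a fixture in `tests/bypass-attempts/` can be run through the sanitizer and then through the oracle, and a non-empty result is the bypass that step 4 asks you to fix. In the sample, the regex rewrite handles the inline links and images but misses the bare URL, which third-party renderers autolink.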
**Publishing updates:**
```bash
cd harden-react-markdown # or markdown-to-markdown-sanitizer
pnpm run prepublishOnly # Build + test (harden-react-markdown)
pnpm run build && pnpm test # For markdown-to-markdown-sanitizer
```