The browser used by the Markdown plugin executes scripts provided in Markdown files. This could have security/privacy implications.
Meh, the whole point is to execute the code in a real browser engine, and it's as sandboxed as much the underlying WebKitGtk library itself. Would be similar to reporting a bug to Firefox that it executes JavaScript, so closing. Feel free to re-open if I'm wrong.
Is it possible to tell the browser to not execute scripts?
It might be possible via the WebKitGtk API, a decent patch submission adding a plugin preference to disable JS would probably be accepted.