Convert-Markdown-PDF-MCP

Critical risks identified: 1. **Directory Traversal**: The `output_path` argument for the `convert_markdown` tool is directly used to construct file paths for PDF output. An attacker could specify paths like `../../../../evil.pdf` to write files to arbitrary locations outside the intended directory. 2. **SSRF/Malicious Image Download**: The `download_image` function in `converter.py` fetches image URLs directly from markdown `img src` attributes. If markdown input is untrusted, this could lead to Server-Side Request Forgery (SSRF) or downloading large/malicious files, causing resource exhaustion or internal network exposure. 3. **Arbitrary File Read (Potential)**: While less direct, the `read_resource` handler for `pdf://local/` and `markdown://local/` schemes might allow reading arbitrary files if the URI path is not sufficiently sanitized beyond basic scheme replacement, given that `Path()` is used directly with the extracted path component. The `list_resources` also lists all markdown/pdf files in the current working directory, which might expose more than intended. These vulnerabilities make the server unsafe to run with untrusted user input without significant hardening.