XSS possible in https://npm.runkit.com/react-native-html-to-markdown page

It is found that page (RunKit) has XSS possible, If you run following code in code snippet

var reactNativeHtmlToMarkdown = require("react-native-html-to-markdown")
var markdown = reactNativeHtmlToMarkdown.convert('<script>alert(1)</script>');

Hi there,

Thank you for raising this concern. Rest assured, the code you’re running is securely sandboxed and will not result in a XSS exploit. If you inspect the DOM after the code is run you will see that not only on a completely separate domain, but also a unique subdomain. This technique leverages the browsers own same-origin sandboxing security model. This alert, or any javascript you might run, will not be able to break out of the sandbox and talk to the parent page.

RunKit is a tool for running arbitrary code, as such we’ve taken several measures to ensure it’s secure.

Thanks again,
- Randy

Hi Randy
I totally get your point. Good to know that it’s secure. Thanks for building such a nice tool.