Is python-markdown safe on untrusted input?

The Python Markdown library appears to be safe as far as anyone knows, if you use it properly. See the link for details about how to use it safely, but the short version is: it is important to use the latest version, to set safe_mode, and to set enable_attributes=False.

Update: safe_mode is now due to be deprecated, because of the security problems with it. See https://github.com/Python-Markdown/markdown/commit/7db56daedf8a6006222f55eeeab748e7789fba89. Instead, use a separate HTML sanitizer, such as HTML Purifier.