yaoke259 parent
the reason I made it is that mdxjs (afaik) only works with a build step and locks the user into React, and you are still technically running code sent by the LLM, rather than a more secure static JSON like object.
No and yes.
MDX parses JSX so it's compatible with any JSX runtime, not just react.
You're right that MDX executes arbitrary code because it supports the `import` and string interpolation of MDX and performs unsafe evals.
Because those evals aren't safe to use at runtime, I actually created a library that uses the MDX parser to support the static subset of JSX (which is very similar to HTML making it static and secure): https://www.npmjs.com/package/react-markdown-with-mdx