One thing that MarkDown allows is inclusion of arbitrary HTML.
Don’t allow any HTML at all.
This certainly is the safest option, but also the most limiting: It means that either we have something implemented in Markdown, or we don’t have it at all.
Allow a hand-curated list of HTML tags, and no attributes.
This is as safe as the first option (except there’s more opportunity to make mistakes), but requires more development effort. On the other hand, it allows to easily support features that are not or not yet implemented in MarkDown, as long as it can be done with attribute-free HTML tags.
Allow a hand-curated list of HTML tags and a hand-curated per-tag list of attributes.
This is the most complex (and most easy to screw up) option, but also the most flexible one.
I think for MVP we can simply disallow HTML. But maybe someone considers as essential some HTML feature that’s not available in MarkDown.