fix: XSS vulnerability

packages/mermaid/src/utils.ts

@@ -105,6 +105,7 @@ export const detectInit = function (
 
   if (Array.isArray(inits)) {
     const args = inits.map((init) => init.args);
+    sanitizeDirective(args);
     results = assignWithDepth(results, [...args]);
   } else {
     results = inits.args;