asciidoctor-include-ext is vulnerable to command injection. The library renders user-supplied input in AsciiDoc
markup, which allows an attacker to execute arbitrary system commands on the host operating system when the allow-uri-read
is disabled.