At the moment out output log on the downloads screen looks like:
By changing the way we filter the rows from check_plain to filter_css we can make it look like
check_plain strips all html. filter_xss strips certain exploits. It should be noticed it may not be completely safe - there may be an obscure way a link that should not be clicked on could get in there. It would need to be in the file that we try to import as full html and happen to be at the top of the file since we only display some of the fails and of course it would be unlikely to be clicked on. So, I would need to be deliberately malicious & very lucky for it to be an issue. @Ejegg what do you think?
https://api.drupal.org/api/drupal/includes%21common.inc/function/filter_xss/7.x