Good question on mime type. Either would work. Octet-stream will
always be downloaded, while text/plain will render in the browser
unless you set an extra download header.
My 2c: Graphviz is C code with quite a few fuzzer-found bugs we
haven’t had time to fix. I’d try to sandbox it, at least in a separate
process, and ideally in a different user or sandbox, if you’re running
Graphviz with attacker-controlled strings.