Allowing 3rd party CSS sheets loading in my content?

[JoJimJoe () netscape net]

Hi,

I have a php script that allows those who use my site, to render some of my xml content as html on their own site.

I'm getting a lot requests to allow them to pass a parameter so they can load a style sheet, to give it their own look

essentially:
script.php?style=http://theirsite.com/style.css
which i'd put into
<link href="http://theirsite.com/style.css"; etc >

I'm concerned this is a security risk, that they can do more than just modify the look of the page, like some type of 
XSS attack.

This is all part of a link exchange, and it's important they not be able to do anything with cookies on my domain, or 
make anything appear to be done under my domain by something tricky...

thanks for your feedback
Jim