Vulnerability

renderReview() in src/pages/publish.astro built the review table by interpolating form-state values directly into innerHTML. Only the row labels (k) were passed through esc(); the user-controlled values (v) — App ID, description, backend URL, header values, method names/paths, vendor name/URL, capabilities, signer name, etc. — were inserted raw.

Any value containing markup (e.g. <img src=x onerror=...>) executes when the publisher reaches the review step — a self-XSS on the publish flow.

Fix

Escape every user-controlled value with the existing esc() helper at row-construction time, while preserving the intentional markup:

• The Methods row keeps its <br> separators, but each method string is escaped individually before joining.
• The empty-field em-dash placeholder is unchanged: esc('') is falsy, so the shared v||'<span…>—</span>' fallback still renders the placeholder.
• Non-user literals (HTTP API, the · vendor separator) are unaffected; visual output is identical.

Verification

• npm run build (astro build) — 190 pages built, publish.astro compiles cleanly, no breakage.