“Improve Security Awareness · Issue #237 · alpinejs/alpine · GitHub”

To make a long story short: avoid using alpinejs in projects that involve user-generated content. The power it adds to basic HTML increases your attack surface substantially.

Baldur Bjarnason @baldur