XSLT the idea contains few (but not zero) unavoidable security flaws.

libxslt the library is a barely-maintained dumpster fire of bad practices.