@openzeppelin/wizard

@openzeppelin/wizard: Code injection in generated test files via unescaped strings

The OpenZeppelin Contracts Wizard generated example test files that interpolated user-supplied strings without escaping, allowing