diff --git a/app.py b/app.py
index f5a4b9a..fc3ea11 100644
--- a/app.py
+++ b/app.py
@@ -115,8 +115,10 @@
 
 
 def _log(msg: str) -> None:
+    import html
+    sanitized_msg = html.escape(msg)
     ts = datetime.now().strftime("%H:%M:%S")
-    st.session_state["logs"].append(f"[{ts}] {msg}")
+    st.session_state["logs"].append(f"[{ts}] {sanitized_msg}")
 
 
 # ---------------------------------------------------------------------------