HTML-escapes a string. (standard Liquid filter.)
{{ "<b>&</b>" | escape }}
Output:
<b>&</b>