@cobycloud
Contributor

Summary

  • add the experimental layout-engine-swarmakit-vue package with Swarmakit Vue preset mappings, widgets, and runtime helpers
  • document usage and include a FastAPI/Uvicorn example server for rendering Swarmakit components
  • cover presets and Uvicorn integration with targeted pytest suites

Testing

  • uv run --directory experimental/layout_engine_swarmakit_vue --package layout-engine-swarmakit-vue pytest

https://chatgpt.com/codex/tasks/task_e_68e5d31c2d888326beb596f648135fbf


@chatgpt-codex-connector chatgpt-codex-connector bot left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.


Comment on lines +229 to +233
<body>
{shell}
<script type="application/json" id="swarmakit-manifest">{manifest_json}</script>
{script}
</body>


P1: Escape manifest JSON before embedding in script tag

The rendered page writes the serialized manifest straight into a <script type="application/json"> tag. Because manifest_json is produced with json.dumps and inserted verbatim, any tile props containing the substring </script> (for example, user-provided grid cell text) will close the script tag early and let the rest of the payload execute as HTML/JS, creating an XSS vector whenever untrusted data flows into the manifest. HTML‑escape or replace </ sequences before embedding, or serve the manifest via a separate endpoint instead of inline.

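The escaping the review recommends, shown as an added example that is not part of the PR or of the Codex comment. The `SCRIPT_OPEN` wrapper and the `HOSTILE_MANIFEST` sample are assumptions modelled on the quoted template lines, not the package's own code.

```python
import json
from typing import Any

# Assumed wrapper, modelled on the template quoted in the review.
SCRIPT_OPEN = '<script type="application/json" id="swarmakit-manifest">'


def render_manifest_unsafe(manifest: dict[str, Any]) -> str:
    """'Before' form: the pattern flagged in review. json.dumps escapes quotes
    but leaves '<', '>' and '&' alone, so "</script>" inside a prop survives."""
    manifest_json = json.dumps(manifest)
    return f"{SCRIPT_OPEN}{manifest_json}</script>"


def json_for_script(manifest: dict[str, Any]) -> str:
    """Serialize to JSON that cannot terminate the enclosing <script> element.

    The three characters are replaced by their JSON backslash-u escapes, so the
    result is still valid JSON (JSON.parse returns the original strings) but no
    longer contains any '</' or '<!--' sequence the HTML parser would act on.
    """
    return (
        json.dumps(manifest)
        .replace("<", "\\u003c")
        .replace(">", "\\u003e")
        .replace("&", "\\u0026")
    )


def render_manifest_safe(manifest: dict[str, Any]) -> str:
    """'After' form: same markup, escaped payload."""
    return f"{SCRIPT_OPEN}{json_for_script(manifest)}</script>"


def script_closes_early(html: str) -> bool:
    """Check: a correctly rendered element has exactly one '</script' (the
    wrapper's own); a second one means the payload broke out of the tag."""
    return html.lower().count("</script") > 1


def round_trips(manifest: dict[str, Any]) -> bool:
    """Check: escaping must not change what the client decodes."""
    return json.loads(json_for_script(manifest)) == manifest


# Constructed sample: a grid cell whose text is attacker-influenced.
HOSTILE_MANIFEST = {
    "tiles": [{"props": {"text": "</script><p>injected markup</p>"}}]
}
```

`script_closes_early` doubles as a cheap regression check for a test suite: it returns True for the unsafe rendering of `HOSTILE_MANIFEST` and False for the safe one.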
