[Security] Prevent templates for executing ruby commands

[bibstha]

Since the templates are basically erb files, one can edit it and add Ruby commands that gets executed in Heroku shell.

Is there a better way to sanitize the erb output? Maybe use something like https://github.com/shopify/liquid

[peillis]

you're right. PRs are welcome :)
Thank you!