DOM text reinterpreted as HTML Update wgsl-tour.ts

[Shivam7-1]

By using innerText, it will avoid the risk of HTML injection, as these properties automatically escape any HTML special characters in the provided text. This helps prevent cross-site scripting (XSS) vulnerabilities by treating the input as plain text rather than interpreted HTML. Always be cautious when dealing with user input or dynamic content to prevent security risks.

[Kangz]

Same answer basically as the other PR. Please do not contributed such automated changes to these repos without first making sure that they are useful and wanted.