Well, if you are worried about xss, that is a case of an attacker's code running on a victim's machine. If they process svgs through the lib before adding them to the dom, that would be one way to prevent the xss attack. This seems to be what DOMPurify are suggesting based on their documentation.