diff --git a/.jules/sentinel.md b/.jules/sentinel.md
index 6c61284..edf0698 100644
--- a/.jules/sentinel.md
+++ b/.jules/sentinel.md
@@ -22,3 +22,4 @@
**Vulnerability:** Defense in Depth (CSP Missing)
**Learning:** Even when inputs are properly escaped, statically generated HTML that displays file/directory structures should implement a Content Security Policy (CSP) to provide an extra layer of defense against potential XSS bypasses.
**Prevention:** Include a strict CSP meta tag (e.g., `default-src 'none'; style-src 'unsafe-inline';`) in auto-generated HTML headers when external scripts or resources are not required.
+## 2024-06-29 - [html4tree] Strict CSP Nonce Implementation\n**Vulnerability:** Weak Content Security Policy (CSP)\n**Learning:** The previous CSP allowed `style-src 'unsafe-inline'`, which is generally discouraged as it can weaken defense-in-depth against XSS attacks. The html4tree output relied on `style="..."` attributes.\n**Prevention:** A secure random `nonce` is now generated per execution using `java.security.SecureRandom` and applied to the `
"""
@@ -159,7 +175,7 @@ fun process_dir(curr_dir: File){
-
+
${curr_dir.getName().escapeHtml()}
${css}
@@ -168,7 +184,7 @@ fun process_dir(curr_dir: File){