diff --git a/packages/api/package.json b/packages/api/package.json
index 3a2fed5..167ba7e 100644
--- a/packages/api/package.json
+++ b/packages/api/package.json
@@ -25,7 +25,8 @@
 "@trpc/next": "^11.7.2",
 "@tanstack/react-query": "^5.90.12",
 "zod": "^3.23.8",
- "superjson": "^2.2.6"
+ "superjson": "^2.2.6",
+ "sanitize-html": "^2.17.0"
 },
 "devDependencies": {
 "@query/tsconfig": "workspace:*",
diff --git a/packages/api/src/middleware/security.ts b/packages/api/src/middleware/security.ts
index 9e38ad9..f12d5b5 100644
--- a/packages/api/src/middleware/security.ts
+++ b/packages/api/src/middleware/security.ts
@@ -1,5 +1,5 @@
 import { TRPCError } from "@trpc/server";
-
+import sanitizeHtml from "sanitize-html";
 const rateLimitStore = new Map();
 setInterval(() => {
@@ -37,19 +37,7 @@ export function sanitizeInput(input: any): any {
 }
 if (typeof input === 'string') {
- let sanitized = String(input); let previous: string; do { previous = sanitized; sanitized = sanitized .replace(/)<[^<]*)*<\/script>/gi, '') .replace(/javascript:/gi, '') .replace(/on\w+\s*=/gi, '') .replace(/data:text\/html/gi, '') .replace(/
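Review bot: `sanitize-html` is added to dependencies at `^2.17.0` with no matching type declaration in devDependencies; to my knowledge the package does not ship its own `.d.ts`, so `import sanitizeHtml from "sanitize-html"` in security.ts will not compile under `strict` unless `@types/sanitize-html` is added too (or the project already provides an ambient declaration — worth confirming against the tsconfig). The diff also shows no lockfile change; the `workspace:*` specifier suggests a pnpm workspace, so `pnpm-lock.yaml` should be updated in the same commit so the resolved version of this new runtime dependency and its transitive packages is pinned and reviewable. Suggested addition under devDependencies: `"@types/sanitize-html": "^2.13.0"` (adjust to the current published version).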
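Review bot: The new import replaces the blank line that separated the import block from `const rateLimitStore = new Map();`, so module state now follows the imports with no separation; keep `import sanitizeHtml from "sanitize-html";` in the import group and restore the blank line after it. Separately, as far as I recall `sanitize-html`'s default options keep a fairly broad allowlist of tags and attributes rather than stripping all markup, so if `sanitizeInput` is meant to scrub generic API input (the removed do/while loop suggests that intent) the call should pass an explicit config such as `sanitizeHtml(input, { allowedTags: [], allowedAttributes: {} })`; the call site is in the next hunk, which is cut off in this view, so I could not confirm what it passes.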