XSS_Clean on Template Parser?
#3

To be clear, I don't know when or why xss_clean was removed from the template parser, or if it was ever there; I am not expert enough (from a security perspective) to address whether it should be there or not, but I can see it being *optionally* helpful.

One of my uses for the template parser is to inject XML/HTML from a database into a view, and forcing xss_clean would seem counter-intuitive to that.

CI4's View & Parser classes support optional escaping of view parameter values, which might serve the same intent as your question.

I don't see other responses to this thread, nor other community members bringing up the issue, so I am not sure how much interest there would be in such an enhancement.

You asked about extending CI_Parser... that can always be done (core/MY_Parser). However, you are welcome to submit a PR to our GitHub repo with that proposed change to the parser :) That could be a better way to get the community to chime in!
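The optional escaping ciadmin refers to, shown as an added example (this is not code from the thread or from the CodeIgniter project itself). It assumes a CodeIgniter 4 application where `\Config\Services::parser()` is available; the template, the placeholder names and the two "database" strings are constructed for the demonstration. It illustrates the trade-off raised in the thread: untrusted values get escaped by default, while a stored HTML fragment can still be injected unescaped with the `{! !}` form.

```php
<?php
// Added example, not part of the original forum thread or of CodeIgniter.
// Assumes a CI4 app so that the Parser service can be obtained.

$parser = \Config\Services::parser();

// Constructed sample values standing in for rows read from a database.
$untrustedComment = '<script>alert(1)</script> "quoted" text';      // user-supplied
$trustedBodyHtml  = '<p>Editor-approved <strong>HTML</strong> body</p>'; // vetted before storage

// Three placeholder styles (hypothetical names article_body / user_comment):
//   { user_comment }            escaped in the html context by default
//   { user_comment|esc(attr) }  explicit filter picks the attribute context
//   {! article_body !}          emitted raw; only for markup that is trusted
$template = <<<'TPL'
<article>
  {! article_body !}
  <blockquote>{ user_comment }</blockquote>
  <a href="#" title="{ user_comment|esc(attr) }">reply</a>
</article>
TPL;

$html = $parser->setData([
    'article_body' => $trustedBodyHtml,
    'user_comment' => $untrustedComment,
])->renderString($template);

echo $html;
// The <script> tag from $untrustedComment comes out as &lt;script&gt;...
// in both places; $trustedBodyHtml is inserted unchanged.
```

The raw form is the equivalent of skipping xss_clean in the original question: it is what you want for HTML that was sanitized or authored by a trusted party before it reached the database, and it is exactly what you do not want for anything a visitor typed. Passing a context to `setData()` (for example `'raw'` or `'html'`) fixes the treatment per value at the point where the data is set, which is useful when the template author should not be able to override it.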


Messages In This Thread
XSS_Clean on Template Parser? - by nemeris - 11-27-2016, 04:42 PM
RE: XSS_Clean on Template Parser? - by ciadmin - 11-27-2016, 06:40 PM
RE: XSS_Clean on Template Parser? - by ciadmin - 11-28-2016, 04:07 PM
RE: XSS_Clean on Template Parser? - by nemeris - 11-28-2016, 04:28 PM


