Have you considered doing this in your code before it even gets to the template? I'd suggest that if you wait until processing the output to detect bad input you are already too late.

Validate whatever variable holds attack in your code. If it is good, continue. If it is bad, throw an error which includes the bad input and then in your template by all means sanitize that error.

If you still want help debugging a template, please provide an SSCCE.