Hi there,

I have a few suggestions for improving the security of the third-party jquery script loaded here: https://github.com/sourcey/spectacle/blob/master/app/views/partials/layout/head.hbs#L9

• Upgrade jquery to the latest version - there are currently known CVEs in 2.1.4: https://snyk.io/test/npm/jquery/2.1.4
• Leverage SRI on the script attribute: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity

These security issues were noted in a website generated by this tool.