security: replace document.write with appendChild in agreement/index.html (#28)

Replaces the use of document.write and innerHTML for meta tag injection with a safer DOM manipulation method.
This addresses a security vulnerability where dynamic content was being written to the document using risky methods.
The new implementation uses (doc.head || docEl).appendChild(metaEl), ensuring reliable and safe tag placement.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Co-authored-by: sunnylqm <615282+sunnylqm@users.noreply.github.com>

Author: sunnylqm

agreement/index.html

@@ -150,13 +150,7 @@
               scale +
               ", user-scalable=no"
           );
-          if (docEl.firstElementChild) {
-            docEl.firstElementChild.appendChild(metaEl);
-          } else {
-            var wrap = doc.createElement("div");
-            wrap.appendChild(metaEl);
-            doc.write(wrap.innerHTML);
-          }
+          (doc.head || docEl).appendChild(metaEl);
         }
 
         function refreshRem() {