That’s a great question!
Unfortunately, using the DOMParser API on its own doesn’t bypass the AMO warning. Even though it avoids directly assigning to innerHTML, you’re still inserting HTML content into the DOM — which is what triggers the warning. From AMO’s perspective, any method that renders raw or dynamic HTML, including DOMParser + appendChild, is considered potentially unsafe unless it’s properly sanitized.