You may use a custom renderer, for example:

public static class HtmlEscapeStringRenderer implements AttributeRenderer {
    public String toString(Object o, String s, Locale locale) {
        return (String) (s == null ? o : StringEscapeUtils.escapeHtml((String) o));
    }
}

Then in the template indicate you want it escaped:

$p.name;format="html"$

That said, you may prefer to scrub the data on input, convert before sending to the template, send a decorated person to the template, etc.

public class App {
    public static void main(String[] args) {
        STGroupDir group = new STGroupDir("src/main/resource", '$', '$');
        group.registerRenderer(String.class, new HtmlEscapeStringRenderer());

        ST st = group.getInstanceOf("people");
        st.add("people", Arrays.asList(
                new Person("<b>Dave</b>", "dave@ohai.com"),
                new Person("<b>Nick</b>", "nick@kthxbai.com")
        ));

        System.out.println(st.render());
    }

    public static class HtmlEscapeStringRenderer implements AttributeRenderer {
        public String toString(Object o, String s, Locale locale) {
            return (String) (s == null ? o : StringEscapeUtils.escapeHtml((String) o));
        }
    }
}

This outputs:

<ul><li>&lt;b&gt;Dave&lt;/b&gt; dave@ohai.com</li><li>&lt;b&gt;Nick&lt;/b&gt; nick@kthxbai.com</li></ul>

It's not necessary to write your own renderer for this. You may use the builtin renderer org.stringtemplate.v4.StringRenderer

group.registerRenderer(String.class, new StringRenderer());

and add in your template :

<ul>$people:{p|<li>$p.name;format="xml-encode"$ $p.email;format="xml-encode"$</li>}$</ul>