It could well be a rabbit hole. Right now I have no way to tell.
However it is a lab on Jinja2 exploitation so I think XSS isn’t really part of the lab builders plans.
I have space for 41 characters between the {{ and }} markers, so my options are limited.
I’d like to do an os.popen('id').read() at the very least but ( and ) are blocked so that doesn’t work. Sending a referer with variations of the (id).read() string didn’t work.
Using __getchilditem__ syntax makes some progress but quickly runs out of space.