In underscore, <%- stuff %> escapes HTML.
However, in EJS, <%= stuff %> escapes HTML.
If there was a way to make this consistent, life would be great.
I don't think you can make EJS work like Underscore here, but you can do the converse - see Rails with Underscore.js Templates for inspiration.