By default, Fuel favors output encoding to input filtering. The reason behind this is twofold. No matter where your data originates, and whether or not it is filtered, output encoding will make it harmless when it is send to the client. It also means all input is stored in raw and unaltered form, so that no matter what happens, you will always have access to the original data.
Since output encoding can only happen on strings, you have to pay attention to objects you want to pass to your views. Either make sure your object contains a __toString() method on which the encoding can take place, add your object class to the class whitelist in the security configuration (don't forget the namespace!), or pass it to the view with the $encode flag set to false. You can also use the auto_encode method to temporary disable automatic output encoding on a per-view basis.
