Description of problem: 

Developer lightspeed uses custom csp to make monaco editor functional when we preview the uploaded files. This custom csp rule breaks other components in the backstage like EntityAboutCard and Scaffolder actions.

Prerequisites (if any, like setup, operators/versions):

Steps to Reproduce

• Follow the lightspeed documentation to enable developer lightspeed.
• Visit Profile page or register a template.

Actual results:

UI breaks with an error

aluating a string as JavaScript violates the following Content Security Policy directive because 'unsafe-eval' is not an allowed source of script: script-src 'self' https://cdn.jsdelivr.net".
 

Expected results:

• Should not set CSP explicitly.{}
• My profie and scaffolder actions should be fully functional

Reproducibility (Always/Intermittent/Only Once): 

Always

Build Details: 1.8

Additional info (Such as Logs, Screenshots, etc): 

Slack thread for more info - https://redhat-internal.slack.com/archives/C05HGAR2DT5/p1762955454222449