I see how you got confused, but this is intentional. All strings are originally not html_safe since there’s no way of telling if they came from the author or user input. I don’t agree that Rails should special-case this behavior (blank strings not html_safe) since I don’t really think the way you’re building content here should be encouraged. Depending on your helper as whole, there must be better ways.
Also, what about if you’re appending user input instead of just content tags:
query = “”
query << params[:query]
query << content_tag(…)
If blank strings were safe to begin with, and users grew accustomed to the fact, doing this would suddenly be exposing yourself to XSS via GET/POST params.