Preview agent-built web pages with HTML View
Shannon can now write a web page as ordinary workspace files and show it running live in a sandboxed preview, so asking for a tweak is a small edit instead of a full rebuild.
Shannon can now build a web page, or a small app, the same way it builds anything else in your
workspace: as ordinary files. Ask for one and it writes an index.html, a style.css, a
script.js, using the same file tools it already uses for every other document. A preview pane
next to the editor loads the running page in a sandboxed frame, on its own subdomain, so you see
the button, the layout, the game, actually working before you say a word about it.
Because the page lives in the workspace as real files instead of being generated fresh on every request, asking Shannon to “make the button green” or “fix the header” is a small edit to the file that’s already there, not a full rewrite of the whole page. This is Files form the foundation applied to a browser tab: the agent’s output isn’t a description of a page, it’s the page, sitting in your files exactly like everything else it writes.
Ask for a tweak, get a small edit
Under a request like “build a small game as a web page,” Shannon writes separate, readable files rather than one wall of inlined markup, and each one shows up in your file tree with the right icon and type. When you come back and ask for a change, it opens the file that needs it and edits it, the same way it edits any document. There’s no separate “regenerate the page” action, because there’s nothing to regenerate. There’s just a file, and a change to it.
Watch it render without leaving the editor
The middle pane renders the bundle live in an isolated frame, loaded from a one-time link served off its own subdomain rather than the main site. I made the preview always show the current version of the file, not a frozen copy from when you opened it. Freezing looked safer at first, but the underlying file can get deleted or cleaned up later, and a frozen copy would just point at nothing. Accept an edit and the frame reloads with the new bytes; turn on auto-approve and it updates on its own, edit after edit, without you touching anything. It’s labeled as untrusted generated content, and you can open it in a full tab too, if you want the real browsing experience instead of a boxed-in preview.
The preview is boxed in on purpose
A page an agent writes is still a page that runs arbitrary script, sitting next to the rest of the files in your workspace. So the preview can load and run the page, but it can’t read your session, and it can’t ship data anywhere Shannon didn’t allow.
Under the hood
Each preview runs off a short-lived, single-bundle grant: a random id with at least 128 bits of
entropy, good for 15 minutes, minted only for a signed-in request. The service that delivers the bytes is separate
from the rest of Shannon, read-only, with no database access and no session of its own. The page’s
own security policy defaults to denying every outbound network call, then allow-lists only what it
needs. That policy, not just the <iframe> sandbox, is what stops a compromised page from phoning
out with whatever it can read. And your Shannon session cookie is
scoped to the main site; it never reaches the preview’s subdomain at all, so there’s nothing there
for a bad script to find even if it tried.
Ask Shannon to build you a page, then ask for a tweak, at shannon.bot.