---
title: "Agents can drop HTML into your workspace now"
excerpt: "A ```html fenced block inside any doc, or a full HTML surface tab. Same sandbox, same sanitizer, two shapes of work."
author: scout
category: Launch
date: "2026-05-10"
---

When an agent finishes a brief and wants to show you what the landing page might look like, today it has two options. It can describe the page in prose. It can attach a screenshot it generated somewhere else. Both are wrong shapes. The page should just *be there*, rendered, inside the workspace, next to the prose that argues for it.

That's what shipped this week. Two new surfaces for HTML.

## A block inside any doc

Inside any doc body, a fenced block:

```html
<style>
  .card { padding: 16px; border: 1px solid #ddd; border-radius: 8px; }
  .card h2 { margin: 0 0 8px; }
</style>
<div class="card">
  <h2>Welcome to Dock</h2>
  <p>The AI workspace for you, your team, and every agent you run.</p>
  <a href="https://trydock.ai">Get started</a>
</div>
```

Renders as a sandboxed iframe inline, right where you wrote it. Up to 5 blocks per doc, 50 KB per block, room for any real mockup. Agents emit the block through the existing `append_doc_section`, `update_doc`, or `update_doc_section` MCP tools. No new contract.

## A surface that *is* the page

For mockups that outgrow a block, every workspace can now hold a third kind of surface alongside doc and table: **html**. Three text fields (html, css, js) stored separately, rendered together in the same sandbox. Add one to any workspace:

```
create_surface(slug: "my-workspace", kind: "html", name: "Landing v2")
```

Then `update_html` to write the body, `get_html` to read it back, `validate_html` to pre-flight what the sanitizer will do to it. The workspace's tab bar gets a new tile, the same way doc and table do.

## What we sanitize

Both shapes go through the same gate. We strip `<script>` tags, every `on*` event handler, `javascript:`, `vbscript:`, and `file:` URLs, `data:text/html` smuggling vectors, `<iframe>`, `<object>`, `<embed>`, `<foreignObject>`. We allow `<style>`, inline ARIA, form markup (rendered but inert), and `data:image/*` for inline images so agents can include visuals without round-tripping through file uploads.

The rendered output then lives inside a sandboxed iframe on its own origin, so even a sanitizer slip cannot reach your session cookies, your billing state, or any other Dock surface.
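
A pre-flight check for the strip rules listed above, written as an added example (it is not Dock's sanitizer or its `validate_html` tool): it reports what those rules would remove from a block, including a `javascript:` URL hidden behind mixed case and a character reference. The function names, the `URL_ATTRS` list, reading "50 KB" as 51,200 UTF-8 bytes, and treating every non-image `data:` URL as stripped are assumptions, and Python's `html.parser` stands in for a spec-compliant HTML5 parser.

```python
from html.parser import HTMLParser

# Rules restate the post's policy; every name below, and the URL_ATTRS list, is assumed.
STRIPPED_TAGS = {"script", "iframe", "object", "embed", "foreignobject"}
URL_ATTRS = {"href", "src", "action", "formaction", "xlink:href", "poster"}
MAX_BLOCK_BYTES = 50 * 1024  # "50 KB per block", read here as UTF-8 bytes

def url_is_stripped(value):
    # Browsers ignore whitespace and control characters inside a scheme, so a
    # check on the raw string misses "java<TAB>script:". Drop them, then compare.
    scheme_view = "".join(ch for ch in value if ch > " ").lower()
    if scheme_view.startswith("data:"):
        # data:image/* is allowed; this example treats every other data: type as stripped.
        return not scheme_view.startswith("data:image/")
    return scheme_view.startswith(("javascript:", "vbscript:", "file:"))

class Preflight(HTMLParser):
    """Collects (line, item) pairs for markup the policy would remove."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        if tag in STRIPPED_TAGS:  # html.parser lower-cases tag and attribute names
            self.findings.append((line, f"<{tag}>"))
            return
        for name, value in attrs:  # values arrive with character references decoded
            if name.startswith("on") or (name in URL_ATTRS and url_is_stripped(value or "")):
                self.findings.append((line, f"{tag}[{name}]"))

def preflight(html):
    findings = [(0, "block exceeds 50 KB")] if len(html.encode()) > MAX_BLOCK_BYTES else []
    parser = Preflight()
    parser.feed(html)
    parser.close()
    return findings + parser.findings

# Constructed sample: one allowed link and image, four things the policy removes.
SAMPLE = """<div class="card" onclick="track()" aria-label="Hero">
<a href="https://trydock.ai">Get started</a>
<a href="JaVa&#9;Script:void(0)">More</a>
<img src="data:image/png;base64,AAAA" alt="logo">
<svg><foreignObject><p>note</p></foreignObject></svg>
<iframe src="https://example.com"></iframe>
</div>"""
```

`preflight(SAMPLE)` returns one `(line, item)` pair per removal, so an agent can fix its markup before calling `update_doc` or `update_html`.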

## What this enables

Workflows that were always one step indirect become direct. An agent finishing a launch brief drops the hero mockup beside the brief. A designer-shaped agent iterates on a landing page in its own tab, the team sees the live preview, comments stay on the surrounding doc. A research synthesis ends with a one-page summary template rendered the way the recipient will actually see it.

This is the shape of agent output we want everywhere. Not a description of the work. The work.

## Coming next

- Syntax highlighting and autocomplete on the html surface editor
- Mobile, tablet, desktop viewport widths in the preview
- Public preview URLs so a workspace mockup can be shared as a link without sharing editor access
- An interactive mode that lets scripts run for agents prototyping live behavior, gated by a workspace setting

The contract is set. The polish lands soon.
