Skip to content

Add reference-site skill: let the agent see sites users link#3644

Draft
lezama wants to merge 4 commits into
trunkfrom
add-reference-site-skill
Draft

Add reference-site skill: let the agent see sites users link#3644
lezama wants to merge 4 commits into
trunkfrom
add-reference-site-skill

Conversation

@lezama

@lezama lezama commented May 29, 2026

Copy link
Copy Markdown
Contributor

Related issues

  • Related to #

How AI was used in this PR

The code, the reference-site skill prose, the tests, and this PR description were all drafted with Claude Code, then reviewed by me. The approach (a skill plus one fetch tool that reuses the existing screenshot tool) and the SSRF guard parity were verified against a working reference implementation and smoke-tested live.

Proposed Changes

When someone references an existing website while building — "a candy shop like gumroad.com", "build a site for lhab.org", "base the about page on acme.com/about" — the agent currently can't see that site. It guesses from the string and the result drifts (e.g. "lhab.org" free-associates into the wrong theme entirely).

This teaches the agent to look before it builds:

  • It screenshots the referenced URL (using the existing take_screenshot tool) to read palette, typography, layout rhythm, and signature components.
  • It reads the page text (new fetch_webpage tool) to learn the site's identity, audience, voice, and key vocabulary.
  • It folds both into the design direction as inspiration, not a clone target, and — when editing an existing site — scopes the reference to just the section being changed rather than restyling the whole theme.

A new user-invokable reference-site skill orchestrates this, and the visual-design / site-spec skills now hand off to it when a URL is present.

fetch_webpage only reaches public http(s) URLs: localhost, private/reserved IPs, non-HTML responses, and oversized bodies are refused, and every redirect hop is re-validated.

Why a Proof of Concept: the visual side is handled "for free" by the existing multimodal screenshot path, so the brief here is largely prompt/skill design plus one guarded tool. Open questions worth a team look before this lands: whether URL handling belongs in a skill vs. deeper in the agent loop; whether full DNS-pinning SSRF defense is warranted (currently out of scope, matching the reference implementation); and how aggressively the agent should trigger it vs. asking first.

Testing Instructions

  1. npm run cli:build
  2. In a studio code session, try a build prompt that references a site, e.g. "build a landing page for a candy shop like stripe.com". The agent should load the reference-site skill, screenshot stripe.com, and read its content before designing.
  3. Confirm the guard: a prompt pointing at http://localhost:8080 or http://169.254.169.254/ is refused by fetch_webpage.
  4. npm test -- apps/cli/ai/tests/fetch-webpage-helpers.test.ts — 15 unit tests cover URL normalization, the SSRF guard (scheme / localhost / single-label / private IPv4 / loopback + link-local + IPv4-mapped IPv6), and the HTML→brief extractor.

Pre-merge Checklist

  • Have you checked for TypeScript, React or other console errors?

lezama and others added 2 commits May 29, 2026 15:55
@lezama @claude
Add reference-site skill so the agent can see sites users link
a8aa286 
Adds a fetch_webpage tool (public-URL-only, SSRF-guarded) and a reference-site
skill: when a user references an external website by URL, the agent screenshots
it (existing take_screenshot) and reads its content to brief design and copy,
as inspiration rather than a clone target.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@lezama
Merge remote-tracking branch 'origin/trunk' into add-reference-site-s…
a1d2b5a 
…kill

# Conflicts:
#	apps/cli/ai/system-prompt.ts
github-advanced-security[bot]
github-advanced-security AI found potential problems May 29, 2026
View reviewed changes
Comment thread apps/cli/ai/tools/fetch-webpage-helpers.ts
export function extractPageText( html: string ): string {
// Drop content that never contributes readable copy before matching.
const cleaned = html
.replace( /<script\b[^>]*>[\s\S]*?<\/script>/gi, ' ' )
lezama and others added 2 commits May 29, 2026 17:34
@lezama @claude
reference-site: use a single desktop shot for the reference
e127f3b 
A single above-the-fold desktop capture carries the design language;
viewport:"all" and offset pagination just add payload on tall reference
sites (stripe.com was 14k/20k px tall) without adding signal.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@lezama
Merge remote-tracking branch 'origin/trunk' into add-reference-site-s…
cfd1dac 
…kill
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@lezama lezama

Labels

Proof of Concept

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lezama @github-advanced-security