可以基于用户的设计需求,生成符合描述的html文件,如果有生成的详细设计说明,可沿用此设计说明作为输入条件;通常情况下,如用户无特殊要求,可直接使用此工具生成html,用户可能不会说html,而是可能用原型、页面、设计稿等词汇来表达生成html的需求,此种情况下也需要调用此工具。调用完成后,需要将内容,截取html代码部分向用户展示,即从<!DOCTYPE html>开头到</html>结尾部分,并在内容前后增加html代码块标记,如
AI agents use gen_html to create or update resources in Modao Proto — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Modao Proto environment.
The tool creates new HTML files and can import them into a workspace, which are write operations. These actions are reversible—generated files can be deleted or modified. While the tool could theoretically be misused to generate malicious HTML, the primary documented function is benign content generation.
From the tool's definition Tool generates HTML files based on design specifications and imports them into workspace. Description states it creates HTML output that can be imported into personal workspace, indicating reversible file creation and modification operations.
Documented attack patterns abuse exactly the kind of access gen_html gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and Modao Proto, and nothing reaches the server without passing your rules. This is the rule we recommend for gen_html:
{
"version": "1",
"default": "deny",
"tools": {
"gen_html": {
"limits": [
{
"counter": "gen_html_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}gen_html stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
可以基于用户的设计需求,生成符合描述的html文件,如果有生成的详细设计说明,可沿用此设计说明作为输入条件;通常情况下,如用户无特殊要求,可直接使用此工具生成html,用户可能不会说html,而是可能用原型、页面、设计稿等词汇来表达生成html的需求,此种情况下也需要调用此工具。调用完成后,需要将内容,截取html代码部分向用户展示,即从<!DOCTYPE html>开头到</html>结尾部分,并在内容前后增加html代码块标记,如. It is categorised as a Write tool in the Modao Proto MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Modao Proto MCP server in PolicyLayer and add a rule for gen_html: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Modao Proto. Nothing to install.
gen_html is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the gen_html rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for gen_html. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
gen_html is provided by the Modao Proto MCP server (modao-dev/modao-proto-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Start from Modao Proto, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.
Free to start. No card required.
3 Modao Proto tools catalogued and risk-classified — across an index of 43,000+ MCP servers.