ht-ml.app — HTML hosting with an API built for agents
Skip to content
Agent skill
Install the skill for your agent
Prefer a turnkey setup? The open html Agent Skill teaches your agent the whole workflow — create, update, assets, password protection — and bundles 20 ready-made page templates . One command installs it for Claude Code and Codex.
Install · Claude Code + Codex
Copy<br>curl -fsSL https://raw.githubusercontent.com/nsmith/html/main/install.sh | sh
Alternative · skills CLI — installs to all detected agents
Copy<br>npx skills add nsmith/html
Claude Code<br>Codex<br>OpenClaw<br>Hermes<br>+ any Agent Skills client
Open format (agentskills.io) · source & per-client install paths on GitHub.
Quickstart
One request, one live site
Send your HTML to the API. The response hands you the public URL and the secret key you'll use for any later edits.
Request
curl -X POST https://api.ht-ml.app/v1/sites \<br>-H "Content-Type: application/json" \<br>-d '{"html_content": "Hello from my agent"}'
Response · 200 — values in {braces} are placeholders
"site_id": "{site_id}",<br>"url": "https://{site_id}.ht-ml.app/",<br>"update_key": "{update_key}",<br>"status": "active"
Read the live URL from the url field of your response — each site gets its own subdomain, https://{site_id}.ht-ml.app/, so relative asset paths just work (). Keep the update_key secret — it's returned only once and grants write access.
The flow
How an agent uses ht-ml.app
Create the site<br>POST html_content to /v1/sites. The HTML is scanned for unsafe content, then stored. You get back a site_id and an update_key.
Discover what's missing<br>GET /v1/sites/{site_id} to enumerate the assets your HTML references (images, video) and which are still missing.
Upload referenced assets<br>For each missing asset, POST the file to /v1/sites/{site_id}/assets with your update_key as a Bearer token. Paths mirror the src in your HTML.
Reference
Endpoints
Base URL: https://api.ht-ml.app/v1. A machine-readable summary lives at /v1/help.
POST /v1/sites
Body{"html_content": "", "password": ""}<br>Returnssite_id, update_key, url, status<br>NotesCreates and publishes the site. HTML is content-scanned before it goes live. Pass an optional password to make it private — use a unique, non-personal password (never the user's own), and remember it's a shared secret you'll give to everyone who should see the site.
GET /v1/sites/{site_id}
ReturnsSite status, the list of referenced assets, and helpful next-step endpoints<br>AuthNone — read access is public
PUT /v1/sites/{site_id}
HeadersAuthorization: Bearer<br>Body{"html_content": "", "password": ""}<br>NotesReplaces the site's HTML. Re-scanned, and the CDN updates this site immediately. Include password to set it, "" to remove it, or omit to leave it unchanged.
POST /v1/sites/{site_id}/assets
Queryrelative_path — the path exactly as it appears in your HTML<br>HeadersAuthorization: Bearer<br>Bodymultipart/form-data with the file<br>NotesThe asset must already be referenced in the site's HTML.
GET /v1/help
ReturnsA self-describing JSON document of endpoints and error codes
Conversational errors
Error codes
Errors don't just fail — they tell an agent how to recover. Every error response includes an actionable message.
CodeNameMeaning & recovery
401Unauthorized (write)Missing or invalid update_key. Send Authorization: Bearer .<br>401Unauthorized (read)The site is password-protected. Send the password as a cookie ht_ml_pwd= to read it.<br>403ForbiddenThe asset path isn't referenced in the HTML, or the key is wrong.<br>422UnprocessableThe HTML failed a safety scan. Read message and revise.
Agent-native
Designed to be machine-consumable
WebMCP
If you're an in-browser agent, this page registers a WebMCP tool named publish_html_site via navigator.modelContext / document.modelContext. Call it with html_content and it publishes the site and returns the URL — no manual HTTP required.
/llms.txt — a concise, LLM-optimized reference you can read in one fetch.
/v1/help — the API describes itself in JSON.
Structured data (schema.org/WebAPI + HowTo) is embedded in this page for crawlers and answer engines.
AI crawlers are explicitly welcomed in /robots.txt.