cc-trace
Assists in intercepting and analyzing Claude Code API requests using mitmproxy, enhancing debugging and optimization capabilities.
Install this skill
Security score
The cc-trace skill was audited on Mar 1, 2026 and we found 44 security issues across 4 threat categories, including 4 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Curl to non-GitHub URL
| 417 | 3. Test proxy with simple request: `curl -x http://127.0.0.1:8080 http://example.com` |
Curl to non-GitHub URL
| 949 | # Test proxy with curl |
Access to hidden dotfiles in home directory
| 202 | - Locate certificate: `~/.mitmproxy/mitmproxy-ca-cert.pem` |
Access to hidden dotfiles in home directory
| 204 | - **macOS**: `sudo security add-trusted-cert -d -p ssl -p basic -k /Library/Keychains/System.keychain ~/.mitmproxy/mitmproxy-ca-cert.pem` |
Access to hidden dotfiles in home directory
| 212 | - Guide creation of `proxy_claude` function in appropriate config file (~/.zshrc or ~/.bashrc) |
Access to hidden dotfiles in home directory
| 242 | - Instruct to reload shell: `source ~/.zshrc` (or `source ~/.bashrc`) |
Access to hidden dotfiles in home directory
| 246 | - Run bundled verification script: `bash ~/.claude/skills/cc-trace/scripts/verify-setup.sh` |
Access to hidden dotfiles in home directory
| 315 | ~/.claude/skills/cc-trace/scripts/show-last-prompt.sh |
Access to hidden dotfiles in home directory
| 371 | pbpaste | npx tsx ~/.claude/skills/cc-trace/scripts/parse-streamed-response.ts |
Access to hidden dotfiles in home directory
| 440 | ~/.mitmproxy/mitmproxy-ca-cert.pem |
Access to hidden dotfiles in home directory
| 818 | ~/.mitmproxy/mitmproxy-ca-cert.pem |
Access to hidden dotfiles in home directory
| 820 | # 4. Add proxy_claude function to ~/.zshrc or ~/.bashrc |
Access to hidden dotfiles in home directory
| 824 | source ~/.zshrc # or source ~/.bashrc |
Access to hidden dotfiles in home directory
| 827 | bash ~/.claude/skills/cc-trace/scripts/verify-setup.sh |
Access to hidden dotfiles in home directory
| 842 | ~/.claude/skills/cc-trace/scripts/show-last-prompt.sh |
Access to hidden dotfiles in home directory
| 844 | mitmdump -r ~/claude-flows.mitm -s ~/.claude/skills/cc-trace/scripts/extract-slash-commands.py |
Access to hidden dotfiles in home directory
| 921 | ~/.mitmproxy/mitmproxy-ca-cert.pem |
Access to hidden dotfiles in home directory
| 957 | bash ~/.claude/skills/cc-trace/scripts/verify-setup.sh |
Access to hidden dotfiles in home directory
| 963 | pbpaste | npx tsx ~/.claude/skills/cc-trace/scripts/parse-streamed-response.ts |
Access to hidden dotfiles in home directory
| 969 | ~/.claude/skills/cc-trace/scripts/show-last-prompt.sh |
Access to hidden dotfiles in home directory
| 972 | mitmdump -r ~/claude-flows.mitm -s ~/.claude/skills/cc-trace/scripts/extract-slash-commands.py |
Access to system keychain/keyring
| 58 | - **Permissions**: Ability to install certificates and modify system keychain (may require sudo/administrator) |
Access to system keychain/keyring
| 70 | **Example good tone**: "To intercept HTTPS traffic, install mitmproxy's certificate authority into the system keychain. This allows mitmproxy to decrypt secure connections for inspection while maintai |
Access to system keychain/keyring
| 204 | - **macOS**: `sudo security add-trusted-cert -d -p ssl -p basic -k /Library/Keychains/System.keychain ~/.mitmproxy/mitmproxy-ca-cert.pem` |
Access to system keychain/keyring
| 435 | sudo security delete-certificate -c mitmproxy /Library/Keychains/System.keychain |
Access to system keychain/keyring
| 439 | -k /Library/Keychains/System.keychain \ |
Access to system keychain/keyring
| 578 | sudo security delete-certificate -c mitmproxy /Library/Keychains/System.keychain |
Access to system keychain/keyring
| 817 | -k /Library/Keychains/System.keychain \ |
Access to system keychain/keyring
| 920 | -k /Library/Keychains/System.keychain \ |
Access to system keychain/keyring
| 924 | sudo security delete-certificate -c mitmproxy /Library/Keychains/System.keychain |
External URL reference
| 150 | - Community Discord: https://discord.gg/mitmproxy |
External URL reference
| 196 | - **Windows**: Download installer from https://mitmproxy.org/ |
External URL reference
| 218 | export HTTP_PROXY=http://127.0.0.1:8080 |
External URL reference
| 219 | export HTTPS_PROXY=http://127.0.0.1:8080 |
External URL reference
| 220 | export http_proxy=http://127.0.0.1:8080 |
External URL reference
| 221 | export https_proxy=http://127.0.0.1:8080 |
External URL reference
| 229 | echo "🔍 Proxy configured for mitmproxy (http://127.0.0.1:8080)" |
External URL reference
| 274 | - **Verification**: Browser opens to http://127.0.0.1:8081 showing empty flow list |
External URL reference
| 296 | - **Verification**: Browser opens to http://127.0.0.1:8081 showing empty flow list |
External URL reference
| 417 | 3. Test proxy with simple request: `curl -x http://127.0.0.1:8080 http://example.com` |
External URL reference
| 839 | # Navigate to: http://127.0.0.1:8081 |
External URL reference
| 930 | export HTTP_PROXY=http://127.0.0.1:8080 |
External URL reference
| 931 | export HTTPS_PROXY=http://127.0.0.1:8080 |
External URL reference
| 950 | curl -x http://127.0.0.1:8080 http://example.com |