ai-cc-router 0.2.1 → 0.2.3

package/dist/cli/cmd-client.js

@@ -4,7 +4,7 @@ import { input, confirm } from "@inquirer/prompts";
 import { readConfig, writeConfig } from "../config/manager.js";
 import { writeClaudeSettings, removeClaudeSettings, readClaudeProxySettings } from "../utils/claude-config.js";
 import { isMacos, isWindows } from "../utils/platform.js";
-import { checkMitmproxyInstalled, isCaCertInstalled, generateCaCert, installCaCert, writeAddonScript, startInterceptor, stopInterceptor, isInterceptorRunning, getProcessName, } from "../interceptor/mitmproxy-manager.js";
+import { checkMitmproxyInstalled, isCaCertInstalled, generateCaCert, installCaCert, writeAddonScript, startInterceptor, stopInterceptor, isInterceptorRunning, getProcessName, getNetworkExtensionStatus, openNetworkExtensionSettings, } from "../interceptor/mitmproxy-manager.js";
 // ─── Helpers ──────────────────────────────────────────────────────────────────
 function isClaudeDesktopInstalled() {
     if (isMacos()) {
@@ -112,9 +112,15 @@ export function registerClient(program) {
         writeClaudeSettings(0, url, secret ?? "proxy-managed");
         console.log(chalk.green("✓ Claude Code configured to route through CC-Router"));
         console.log(chalk.gray(`  ANTHROPIC_BASE_URL → ${url}`));
-        // 6. Optionally configure Claude Desktop
-        const wantsDesktop = opts?.desktop ?? (isClaudeDesktopInstalled() &&
-            await confirm({ message: "Also route Claude Desktop (chat + Cowork) through the proxy?", default: false }));
+        // 6. Optionally configure Claude Desktop (Cowork / Agent mode only)
+        let wantsDesktop = opts?.desktop ?? false;
+        if (!opts?.desktop && isClaudeDesktopInstalled()) {
+            printDesktopSupportExplainer();
+            wantsDesktop = await confirm({
+                message: "Route Claude Desktop's Cowork / Agent-mode traffic through CC-Router?",
+                default: false,
+            });
+        }
         if (wantsDesktop) {
             await setupDesktopInterception(url);
             cfg.client.desktopEnabled = true;
@@ -207,16 +213,34 @@ export function registerClient(program) {
             console.log(chalk.gray("\n  No recent activity on the remote proxy."));
         }
         // ── Desktop status ─────────────────────────────────────────────────
-        console.log(chalk.bold("\n  DESKTOP INTERCEPTOR"));
+        console.log(chalk.bold("\n  DESKTOP INTERCEPTOR  (Cowork / Agent mode)"));
         if (cfg.client.desktopEnabled) {
             const running = await isInterceptorRunning();
-            console.log(`    ${running ? chalk.green("● running") : chalk.yellow("○ configured but stopped")}`);
-            if (!running) {
+            if (running) {
+                console.log(`    ${chalk.green("● running")}`);
+            }
+            else {
+                console.log(`    ${chalk.yellow("○ configured but stopped")}`);
                 console.log(chalk.gray("    Start with: cc-router client start-desktop"));
             }
+            // Check Network Extension on macOS
+            if (isMacos()) {
+                const extStatus = await getNetworkExtensionStatus();
+                if (extStatus === "waiting") {
+                    console.log(chalk.red("    ⚠  Network Extension NOT approved — interceptor won't capture traffic!"));
+                    console.log(chalk.gray("    Fix: System Settings → General → Login Items & Extensions → Network Extensions"));
+                }
+                else if (extStatus === "not_installed") {
+                    console.log(chalk.yellow("    ⚠  Network Extension not installed — will be triggered on first start"));
+                }
+                else if (extStatus === "enabled") {
+                    console.log(`    ${chalk.green("✓")} ${chalk.gray("Network Extension: enabled")}`);
+                }
+            }
+            console.log(chalk.gray("    Scope: /v1/messages + /v1/models  (normal chat NOT routed)"));
         }
         else {
-            console.log(`    ${chalk.gray("not configured")}`);
+            console.log(`    ${chalk.gray("not configured — enable with: cc-router client connect --desktop")}`);
         }
         console.log();
         console.log(chalk.gray("  Live dashboard: cc-router status\n"));
@@ -224,16 +248,17 @@ export function registerClient(program) {
     // ── cc-router client start-desktop ──────────────────────────────────────────
     client
         .command("start-desktop")
-        .description("Start mitmproxy interceptor for Claude Desktop")
+        .description("Start mitmproxy interceptor for Claude Desktop (Cowork / Agent mode)")
         .action(async () => {
         const cfg = readConfig();
         if (!cfg.client) {
             console.error(chalk.red("Not connected. Run: cc-router client connect <url>"));
             process.exit(1);
         }
-        if (!await checkMitmproxyInstalled()) {
-            console.error(chalk.red("mitmproxy not found. Install it first:"));
-            console.error(chalk.yellow(isMacos() ? "  brew install mitmproxy" : "  pip install mitmproxy"));
+        if (!(await checkMitmproxyInstalled())) {
+            console.error(chalk.red("\n✗ mitmproxy not found. Install it first:"));
+            console.error(chalk.cyan(isMacos() ? "    brew install mitmproxy" : "    pip install mitmproxy"));
+            console.error();
             process.exit(1);
         }
         if (!cfg.client.desktopEnabled) {
@@ -241,13 +266,52 @@ export function registerClient(program) {
             cfg.client.desktopEnabled = true;
             writeConfig(cfg);
         }
+        // Pre-flight check: verify Network Extension is ready on macOS.
+        // startInterceptor does the same check and throws; we catch and show
+        // a friendlier block here with the open-settings shortcut.
+        if (isMacos()) {
+            const status = await getNetworkExtensionStatus();
+            if (status === "waiting") {
+                console.error(chalk.red("\n✗ Mitmproxy Network Extension is NOT yet approved.\n"));
+                printNetworkExtensionInstructions();
+                const openNow = await confirm({
+                    message: "Open System Settings now?",
+                    default: true,
+                });
+                if (openNow)
+                    await openNetworkExtensionSettings();
+                console.error(chalk.yellow("\n  Re-run `cc-router client start-desktop` after approving.\n"));
+                process.exit(1);
+            }
+            if (status === "not_installed") {
+                console.error(chalk.yellow("\n⚠  Mitmproxy Network Extension is not installed yet."));
+                console.error(chalk.gray("  The first mitmdump run will trigger installation."));
+                console.error(chalk.gray("  Approve it in System Settings when macOS prompts you, then re-run this command.\n"));
+            }
+        }
         const target = cfg.client.remoteUrl;
         const processName = getProcessName();
         console.log(chalk.cyan(`\nStarting mitmproxy interceptor for "${processName}"...`));
-        console.log(chalk.gray(`  Redirecting api.anthropic.com → ${target}\n`));
-        await startInterceptor(target);
-        console.log(chalk.green("✓ Claude Desktop interceptor running"));
-        console.log(chalk.gray("  Open Claude Desktop and send a message to test.\n"));
+        console.log(chalk.gray(`  Redirecting api.anthropic.com/v1/messages → ${target}`));
+        try {
+            await startInterceptor(target);
+        }
+        catch (e) {
+            console.error(chalk.red(`\n✗ Failed to start interceptor:\n`));
+            console.error(chalk.yellow("  " + e.message.split("\n").join("\n  ")));
+            console.error();
+            process.exit(1);
+        }
+        console.log(chalk.green("\n✓ Claude Desktop interceptor running"));
+        console.log();
+        console.log(chalk.bold.yellow("  Next steps:"));
+        console.log("    " + chalk.cyan("1.") + " Quit Claude Desktop completely (⌘Q)");
+        console.log("    " + chalk.cyan("2.") + " Reopen Claude Desktop");
+        console.log("    " + chalk.cyan("3.") + " Use Cowork / Agent mode (Claude Code in Desktop)");
+        console.log();
+        console.log(chalk.gray("  Check routing with:  ") + chalk.cyan("cc-router client status"));
+        console.log(chalk.gray("  Stop interceptor:    ") + chalk.cyan("cc-router client stop-desktop"));
+        console.log();
     });
     // ── cc-router client stop-desktop ───────────────────────────────────────────
     client
@@ -259,53 +323,154 @@ export function registerClient(program) {
     });
 }
 // ─── Desktop setup flow ───────────────────────────────────────────────────────
+/**
+ * Printed before asking the user whether to enable Desktop interception.
+ * The copy is deliberately explicit about WHAT works and WHAT doesn't — users
+ * who expect the normal chat to go through CC-Router will hit confusion fast,
+ * and we can head it off here by framing this as a "Cowork / Agent mode" feature.
+ */
+export function printDesktopSupportExplainer() {
+    console.log(chalk.bold.cyan("\n  🖥  Claude Desktop — what CC-Router can route\n"));
+    console.log("  Claude Desktop does NOT expose ANTHROPIC_BASE_URL, so CC-Router uses\n" +
+        "  mitmproxy to selectively intercept only the traffic it can handle:\n");
+    console.log(chalk.green("  ✓ Cowork / Agent mode       ") + chalk.gray("— /v1/messages (this is what gets routed)"));
+    console.log(chalk.green("  ✓ Claude Code inside Desktop") + chalk.gray("— /v1/messages (same as CLI)"));
+    console.log(chalk.red("  ✗ Normal chat               ") + chalk.gray("— goes to claude.ai webview, NOT redirectable"));
+    console.log();
+    console.log(chalk.gray("  TL;DR: Your LLM-heavy workflows (Cowork, agent tasks, in-Desktop\n" +
+        "  Claude Code) will rotate across your Max accounts via CC-Router.\n" +
+        "  The regular chat sidebar keeps going directly through claude.ai."));
+    console.log();
+}
+/**
+ * Prints the macOS Network Extension approval walkthrough.
+ * This is the #1 gotcha — mitmdump starts silently but captures nothing
+ * until the user flips the toggle in System Settings.
+ */
+export function printNetworkExtensionInstructions() {
+    if (!isMacos())
+        return;
+    console.log(chalk.bold.yellow("\n  ⚠  IMPORTANT — macOS Network Extension approval\n"));
+    console.log("  The first time mitmproxy runs in local mode, macOS installs a");
+    console.log("  Network Extension (" + chalk.cyan("Mitmproxy Redirector") + ") that must be approved");
+    console.log("  manually. " + chalk.red("Without this step, mitmproxy captures ZERO traffic.") + "\n");
+    console.log(chalk.bold("  Steps:"));
+    console.log("    " + chalk.cyan("1.") + " Open " + chalk.bold("System Settings"));
+    console.log("    " + chalk.cyan("2.") + " Go to " + chalk.bold("General → Login Items & Extensions"));
+    console.log("    " + chalk.cyan("3.") + " Scroll to " + chalk.bold("Network Extensions") + " and click the " + chalk.bold("ⓘ") + " button");
+    console.log("    " + chalk.cyan("4.") + " Toggle " + chalk.bold("Mitmproxy Redirector") + " ON");
+    console.log("    " + chalk.cyan("5.") + " Enter your Mac admin password when prompted\n");
+    console.log(chalk.gray("  You only need to do this ONCE per machine.\n"));
+}
 async function setupDesktopInterception(target) {
     console.log(chalk.bold("\n🖥  Claude Desktop Setup\n"));
+    // 0. Explain what actually works before anything else
+    printDesktopSupportExplainer();
+    const proceedWithSetup = await confirm({
+        message: "Continue with Cowork / Agent-mode interception setup?",
+        default: true,
+    });
+    if (!proceedWithSetup) {
+        console.log(chalk.gray("Skipping Desktop setup. You can run it later with: cc-router client start-desktop\n"));
+        return;
+    }
     // 1. Check mitmproxy
-    if (!await checkMitmproxyInstalled()) {
-        console.log(chalk.yellow("mitmproxy is required but not installed."));
+    if (!(await checkMitmproxyInstalled())) {
+        console.log(chalk.yellow("\nmitmproxy is required but not installed."));
         if (isMacos()) {
-            console.log(chalk.cyan("  Install: brew install mitmproxy"));
+            console.log(chalk.cyan("  Install:  brew install mitmproxy"));
         }
         else if (isWindows()) {
-            console.log(chalk.cyan("  Install: pip install mitmproxy"));
+            console.log(chalk.cyan("  Install:  pip install mitmproxy  (or download the installer from mitmproxy.org)"));
         }
         else {
-            console.log(chalk.cyan("  Install: pip install mitmproxy (requires kernel ≥ 6.8)"));
+            console.log(chalk.cyan("  Install:  pip install mitmproxy  (Linux local mode requires kernel ≥ 6.8)"));
         }
         console.log();
-        const proceed = await confirm({ message: "Have you installed mitmproxy?", default: false });
-        if (!proceed || !await checkMitmproxyInstalled()) {
-            console.log(chalk.red("mitmproxy not found. Skipping Desktop setup.\n"));
+        const proceed = await confirm({ message: "Have you installed mitmproxy now?", default: false });
+        if (!proceed || !(await checkMitmproxyInstalled())) {
+            console.log(chalk.red("\nmitmproxy still not found. Skipping Desktop setup.\n"));
+            console.log(chalk.gray("Re-run later with:  cc-router client start-desktop\n"));
             return;
         }
     }
     console.log(chalk.green("✓ mitmproxy found"));
-    // 2. Generate CA cert if needed
+    // 2. Generate CA cert if missing
     if (!isCaCertInstalled()) {
-        console.log(chalk.gray("Generating mitmproxy CA certificate..."));
-        await generateCaCert();
+        console.log(chalk.gray("Generating mitmproxy CA certificate (one-time)..."));
+        try {
+            await generateCaCert();
+            console.log(chalk.green("✓ CA certificate generated"));
+        }
+        catch (e) {
+            console.log(chalk.red(`✗ CA generation failed: ${e.message}`));
+            return;
+        }
+    }
+    else {
+        console.log(chalk.green("✓ CA certificate already present"));
     }
     // 3. Install CA cert (requires sudo)
-    console.log(chalk.yellow("\nInstalling the mitmproxy CA certificate requires admin access."));
-    console.log(chalk.gray("This is needed so Claude Desktop trusts the local interceptor."));
-    const installCa = await confirm({ message: "Install CA certificate now? (requires password)", default: true });
+    console.log();
+    console.log(chalk.yellow("The mitmproxy CA certificate must be trusted by your OS so that"));
+    console.log(chalk.yellow("Claude Desktop accepts the local interceptor. This requires sudo."));
+    const installCa = await confirm({ message: "Install CA certificate now? (asks for admin password)", default: true });
     if (installCa) {
         const ok = await installCaCert();
         if (ok) {
-            console.log(chalk.green("✓ CA certificate installed"));
+            console.log(chalk.green("✓ CA certificate installed in system trust store"));
         }
         else {
-            console.log(chalk.red("✗ CA certificate install failed. You may need to install it manually."));
+            console.log(chalk.red("✗ CA certificate install failed."));
+            console.log(chalk.gray("  Install manually later with:"));
+            console.log(chalk.gray("    sudo security add-trusted-cert -d -r trustRoot \\"));
+            console.log(chalk.gray("      -k /Library/Keychains/System.keychain \\"));
+            console.log(chalk.gray("      ~/.mitmproxy/mitmproxy-ca-cert.pem"));
         }
     }
     // 4. Write addon script
     writeAddonScript(target);
     console.log(chalk.green("✓ Redirect addon configured"));
-    // 5. macOS Network Extension note
+    // 5. macOS Network Extension — THIS is the step people miss
     if (isMacos()) {
-        console.log(chalk.yellow("\n⚠  On first run, macOS will ask to approve mitmproxy's Network Extension."));
-        console.log(chalk.gray("   Go to System Settings → General → Login Items & Extensions → Network Extensions"));
-        console.log(chalk.gray("   and toggle 'Mitmproxy Redirector' on.\n"));
+        printNetworkExtensionInstructions();
+        // Check current status and guide the user if it's not enabled
+        const status = await getNetworkExtensionStatus();
+        if (status === "not_installed") {
+            console.log(chalk.gray("  The Network Extension hasn't been installed yet — it'll be triggered\n" +
+                "  automatically the first time you run `cc-router client start-desktop`.\n" +
+                "  macOS will show a popup — approve it and follow the steps above.\n"));
+        }
+        else if (status === "waiting") {
+            console.log(chalk.red("  ⚠  Network Extension is installed but NOT yet approved.\n"));
+            const openNow = await confirm({
+                message: "Open System Settings now so you can approve it?",
+                default: true,
+            });
+            if (openNow) {
+                await openNetworkExtensionSettings();
+                console.log(chalk.gray("\n  System Settings should now be open."));
+                console.log(chalk.gray("  Toggle 'Mitmproxy Redirector' ON, then come back here.\n"));
+                await confirm({ message: "Done? Press Enter when the toggle is ON", default: true });
+                const newStatus = await getNetworkExtensionStatus();
+                if (newStatus === "enabled") {
+                    console.log(chalk.green("✓ Network Extension is enabled"));
+                }
+                else {
+                    console.log(chalk.yellow(`  Still not enabled (status: ${newStatus})`));
+                    console.log(chalk.gray("  You can re-check later with: cc-router client status"));
+                }
+            }
+        }
+        else if (status === "enabled") {
+            console.log(chalk.green("  ✓ Network Extension is already enabled — you're all set"));
+        }
     }
+    // 6. Remind that Claude Desktop must be restarted for mitmproxy to hook into it
+    console.log();
+    console.log(chalk.bold.yellow("  One more thing:"));
+    console.log(chalk.gray("  After starting the interceptor, you must " + chalk.bold("quit and relaunch Claude Desktop")));
+    console.log(chalk.gray("  (⌘Q in Claude Desktop, then reopen it). mitmproxy only captures"));
+    console.log(chalk.gray("  traffic from processes started AFTER it begins listening."));
+    console.log();
 }

package/dist/cli/cmd-setup.js

@@ -11,7 +11,8 @@ import { loadAccounts, accountsFileExists, readConfig, writeConfig, generateProx
 import { PROXY_PORT } from "../config/paths.js";
 import { DEFAULT_RATE_LIMITS } from "../proxy/types.js";
 import { existsSync } from "fs";
-import { checkMitmproxyInstalled, isCaCertInstalled, generateCaCert, installCaCert, writeAddonScript, } from "../interceptor/mitmproxy-manager.js";
+import { checkMitmproxyInstalled, isCaCertInstalled, generateCaCert, installCaCert, writeAddonScript, getNetworkExtensionStatus, openNetworkExtensionSettings, } from "../interceptor/mitmproxy-manager.js";
+import { printDesktopSupportExplainer, printNetworkExtensionInstructions } from "./cmd-client.js";
 const execFileAsync = promisify(execFile);
 // ─── Public registration ──────────────────────────────────────────────────────
 export function registerSetup(program) {
@@ -567,11 +568,12 @@ async function runClientSetupFromWizard() {
     writeClaudeSettings(0, url, secret ?? "proxy-managed");
     console.log(chalk.green("✓ Claude Code configured"));
     console.log(chalk.gray(`  ANTHROPIC_BASE_URL → ${url}\n`));
-    // ── Claude Desktop question ─────────────────────────────────────────────
+    // ── Claude Desktop (Cowork / Agent mode) ─────────────────────────────────
     const desktopInstalled = isMacos() && existsSync("/Applications/Claude.app");
     if (desktopInstalled) {
+        printDesktopSupportExplainer();
         const wantsDesktop = await confirm({
-            message: "Also route Claude Desktop (chat + Cowork) through the proxy?",
+            message: "Route Claude Desktop's Cowork / Agent-mode traffic through CC-Router?",
             default: false,
         });
         if (wantsDesktop) {
@@ -589,33 +591,82 @@ async function runClientSetupFromWizard() {
     console.log();
 }
 async function setupDesktopFromWizard(target) {
-    console.log(chalk.bold("\n🖥  Claude Desktop Setup\n"));
+    console.log(chalk.bold("\n🖥  Claude Desktop — Cowork / Agent Setup\n"));
+    // 1. Check mitmproxy
     if (!(await checkMitmproxyInstalled())) {
         console.log(chalk.yellow("mitmproxy is required but not installed."));
-        console.log(chalk.cyan("  Install: brew install mitmproxy\n"));
-        const proceed = await confirm({ message: "Have you installed mitmproxy?", default: false });
+        if (isMacos()) {
+            console.log(chalk.cyan("  Install:  brew install mitmproxy\n"));
+        }
+        else {
+            console.log(chalk.cyan("  Install:  pip install mitmproxy\n"));
+        }
+        const proceed = await confirm({ message: "Have you installed mitmproxy now?", default: false });
         if (!proceed || !(await checkMitmproxyInstalled())) {
-            console.log(chalk.red("Skipping Desktop setup.\n"));
+            console.log(chalk.red("Skipping Desktop setup. Re-run with: cc-router client start-desktop\n"));
             return;
         }
     }
     console.log(chalk.green("✓ mitmproxy found"));
+    // 2. CA cert
     if (!isCaCertInstalled()) {
-        console.log(chalk.gray("Generating mitmproxy CA certificate..."));
-        await generateCaCert();
+        console.log(chalk.gray("Generating mitmproxy CA certificate (one-time)..."));
+        try {
+            await generateCaCert();
+            console.log(chalk.green("✓ CA certificate generated"));
+        }
+        catch (e) {
+            console.log(chalk.red(`✗ CA generation failed: ${e.message}`));
+            return;
+        }
+    }
+    else {
+        console.log(chalk.green("✓ CA certificate already present"));
     }
-    console.log(chalk.yellow("\nInstalling the CA certificate requires your admin password."));
+    console.log(chalk.yellow("\nThe CA certificate must be installed in your OS trust store (requires admin)."));
     const doInstall = await confirm({ message: "Install CA certificate now?", default: true });
     if (doInstall) {
         const ok = await installCaCert();
-        console.log(ok ? chalk.green("✓ CA certificate installed") : chalk.red("✗ CA install failed — install manually later"));
+        if (ok) {
+            console.log(chalk.green("✓ CA certificate installed in system trust store"));
+        }
+        else {
+            console.log(chalk.red("✗ CA install failed."));
+            console.log(chalk.gray("  Install manually: sudo security add-trusted-cert -d -r trustRoot \\"));
+            console.log(chalk.gray("    -k /Library/Keychains/System.keychain ~/.mitmproxy/mitmproxy-ca-cert.pem"));
+        }
     }
+    // 3. Addon
     writeAddonScript(target);
     console.log(chalk.green("✓ Redirect addon configured"));
+    // 4. Network Extension walkthrough (macOS)
     if (isMacos()) {
-        console.log(chalk.yellow("\n⚠  On first run macOS will ask to approve mitmproxy's Network Extension."));
-        console.log(chalk.gray("   System Settings → General → Login Items & Extensions → Network Extensions"));
-        console.log(chalk.gray("   Toggle 'Mitmproxy Redirector' on.\n"));
+        printNetworkExtensionInstructions();
+        const status = await getNetworkExtensionStatus();
+        if (status === "not_installed") {
+            console.log(chalk.gray("  The extension will be installed on first `cc-router client start-desktop`.\n" +
+                "  macOS will show a popup — follow the steps above to approve it.\n"));
+        }
+        else if (status === "waiting") {
+            console.log(chalk.red("  ⚠  Extension is installed but NOT approved.\n"));
+            const openNow = await confirm({ message: "Open System Settings to approve it now?", default: true });
+            if (openNow) {
+                await openNetworkExtensionSettings();
+                console.log(chalk.gray("  System Settings should be open. Toggle 'Mitmproxy Redirector' ON.\n"));
+                await confirm({ message: "Done? Press Enter when the toggle is ON", default: true });
+                const newStatus = await getNetworkExtensionStatus();
+                console.log(newStatus === "enabled"
+                    ? chalk.green("  ✓ Network Extension enabled")
+                    : chalk.yellow(`  Still not enabled (status: ${newStatus}) — you can fix later`));
+            }
+        }
+        else if (status === "enabled") {
+            console.log(chalk.green("  ✓ Network Extension already enabled — you're all set\n"));
+        }
+        // Remind to restart Claude Desktop
+        console.log(chalk.bold.yellow("  Remember:"));
+        console.log(chalk.gray("  After starting the interceptor, " + chalk.bold("quit and relaunch Claude Desktop") + " (⌘Q)"));
+        console.log(chalk.gray("  so mitmproxy can hook into the new process.\n"));
     }
 }
 function printBanner() {

package/dist/interceptor/mitmproxy-manager.js

@@ -60,6 +60,64 @@ export async function checkMitmproxyInstalled() {
         return false;
     }
 }
+/**
+ * Check the approval status of the mitmproxy macOS Network Extension.
+ * No-op on Windows/Linux (returns "enabled").
+ *
+ * Parses `systemextensionsctl list` output, looking for the mitmproxy entry.
+ * Status comes from the flags column:
+ *   "* *"   → enabled + active
+ *   "  *"   → active but waiting for user approval
+ */
+export async function getNetworkExtensionStatus() {
+    if (!isMacos())
+        return "enabled"; // Only macOS needs this check
+    try {
+        const { stdout } = await execFileP("systemextensionsctl", ["list"]);
+        const mitmLine = stdout
+            .split("\n")
+            .find((l) => l.toLowerCase().includes("mitmproxy"));
+        if (!mitmLine)
+            return "not_installed";
+        // systemextensionsctl flags are the first two columns; "*" means set.
+        // Order is "enabled active" — both must be "*" for the extension to work.
+        // Example strings seen in the wild:
+        //   "*\t*\tS8XHQB96PW\torg.mitmproxy.macos-redirector..." → enabled
+        //   "\t*\tS8XHQB96PW\torg.mitmproxy.macos-redirector..."  → waiting
+        //
+        // We also accept the human-readable "[activated enabled]" / "[activated waiting for user]"
+        // suffix that newer macOS versions append.
+        if (mitmLine.includes("[activated enabled]"))
+            return "enabled";
+        if (mitmLine.includes("waiting for user"))
+            return "waiting";
+        const cols = mitmLine.split("\t").map((s) => s.trim());
+        const enabled = cols[0] === "*";
+        const active = cols[1] === "*";
+        if (enabled && active)
+            return "enabled";
+        if (!enabled && active)
+            return "waiting";
+        return "not_installed";
+    }
+    catch {
+        return "unknown";
+    }
+}
+/** Open the macOS "Login Items & Extensions" settings pane. Best-effort. */
+export async function openNetworkExtensionSettings() {
+    if (!isMacos())
+        return;
+    try {
+        // The x-apple.systempreferences URL opens the right pane in System Settings.
+        // Extensions pane is not directly deep-linkable, so we open the closest one.
+        await execFileP("open", ["x-apple.systempreferences:com.apple.LoginItems-Settings.extension"]);
+    }
+    catch {
+        // If that fails, fall back to opening plain System Settings
+        await execFileP("open", ["/System/Applications/System Settings.app"]).catch(() => { });
+    }
+}
 // ─── CA certificate ───────────────────────────────────────────────────────────
 export function isCaCertInstalled() {
     return existsSync(CA_PATH);
@@ -136,7 +194,7 @@ export function writeAddonScript(target) {
         writeFileSync(ADDON_PATH, src, "utf-8");
     }
     else {
-        // Inline fallback — minimal addon
+        // Inline fallback — minimal addon (only redirects /v1/messages and /v1/models)
         const script = `
 import os
 from mitmproxy import http
@@ -144,10 +202,13 @@ from urllib.parse import urlparse
 
 _target = os.environ.get("CC_ROUTER_TARGET", ${JSON.stringify(target)}).rstrip("/")
 _p = urlparse(_target)
+_REDIRECT_PREFIXES = ("/v1/messages", "/v1/models")
 
 def request(flow: http.HTTPFlow) -> None:
     if flow.request.pretty_host != "api.anthropic.com":
         return
+    if not flow.request.path.startswith(_REDIRECT_PREFIXES):
+        return
     flow.request.scheme = _p.scheme
     flow.request.host = _p.hostname or "localhost"
     flow.request.port = _p.port or (443 if _p.scheme == "https" else 80)
@@ -162,6 +223,24 @@ def request(flow: http.HTTPFlow) -> None:
  * api.anthropic.com traffic to CC-Router via the addon script.
  */
 export async function startInterceptor(target) {
+    // On macOS, verify the Network Extension is enabled before attempting to start.
+    // If it's "waiting", mitmdump starts silently but captures zero traffic.
+    if (isMacos()) {
+        const status = await getNetworkExtensionStatus();
+        if (status === "waiting") {
+            throw new Error("Mitmproxy Network Extension is installed but not yet approved.\n" +
+                "  Open: System Settings → General → Login Items & Extensions → Network Extensions\n" +
+                '  Toggle "Mitmproxy Redirector" ON and enter your admin password.\n' +
+                "  Then re-run this command.");
+        }
+        if (status === "not_installed") {
+            throw new Error("Mitmproxy Network Extension is not installed.\n" +
+                "  Run mitmdump once manually to trigger the installation:\n" +
+                '    mitmdump --mode "local:Claude" --set connection_strategy=lazy\n' +
+                "  macOS will prompt you to approve it in System Settings.\n" +
+                "  Then re-run this command.");
+        }
+    }
     // Ensure addon exists
     if (!existsSync(ADDON_PATH))
         writeAddonScript(target);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ai-cc-router",
-  "version": "0.2.1",
+  "version": "0.2.3",
   "description": "Round-robin proxy for Claude Max OAuth tokens — use multiple Claude Max accounts with Claude Code",
   "type": "module",
   "bin": {

package/src/interceptor/addon.py

@@ -1,11 +1,16 @@
-# mitmproxy addon — redirects api.anthropic.com traffic to CC-Router.
+# mitmproxy addon — redirects ONLY /v1/messages traffic to CC-Router.
 #
-# Installed and launched by `cc-router client start-desktop`.
-# Target URL comes from the CC_ROUTER_TARGET env var (set by the launcher).
+# Claude Desktop sends many types of requests to api.anthropic.com:
+#   /v1/messages         → LLM inference (this is what we redirect)
+#   /v1/messages/count_tokens → token counting (redirect too)
+#   /v1/oauth/*          → session auth (must NOT redirect)
+#   /v1/environments/*   → bridge/cowork (must NOT redirect)
+#   /v1/models           → model listing (redirect — CC-Router proxies this)
+#   /api/*               → desktop features (must NOT redirect)
 #
-# Why not set the target as a script argument: mitmproxy's addon loader
-# does not pass argv through reliably, and env vars give us a single
-# unambiguous channel that survives the spawn boundary.
+# Only /v1/messages* and /v1/models are safe to redirect because CC-Router
+# injects its own OAuth token. Everything else carries the user's own
+# session token for features CC-Router doesn't handle.
 
 import os
 from urllib.parse import urlparse
@@ -16,22 +21,27 @@ _target_raw = os.environ.get("CC_ROUTER_TARGET", "http://localhost:3456")
 _target = _target_raw.rstrip("/")
 _target_parsed = urlparse(_target)
 
-# Fail closed on boot if the target is unusable — better than silently
-# forwarding to a broken URL and seeing Claude Desktop timeout.
 if not _target_parsed.scheme or not _target_parsed.netloc:
     raise RuntimeError(f"CC_ROUTER_TARGET is not a valid URL: {_target_raw!r}")
 
+# Paths that CC-Router can handle (it injects its own OAuth token)
+_REDIRECT_PREFIXES = (
+    "/v1/messages",
+    "/v1/models",
+)
+
 
 def request(flow: http.HTTPFlow) -> None:
     if flow.request.pretty_host != "api.anthropic.com":
         return
 
-    # Preserve path + query (e.g. /v1/messages?beta=oauth-2025-04-20)
-    # and swap only the scheme + host.
+    # Only redirect inference and model-listing paths
+    if not flow.request.path.startswith(_REDIRECT_PREFIXES):
+        return
+
     flow.request.scheme = _target_parsed.scheme
     flow.request.host = _target_parsed.hostname or "localhost"
     flow.request.port = _target_parsed.port or (443 if _target_parsed.scheme == "https" else 80)
-    # Rewrite the Host header so CC-Router sees itself, not api.anthropic.com.
     flow.request.headers["host"] = flow.request.host + (
         f":{flow.request.port}"
         if flow.request.port not in (80, 443)