skalpel 3.2.11 → 3.2.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/INSTALL.md +41 -0
  2. package/package.json +1 -1
package/INSTALL.md CHANGED
@@ -153,6 +153,47 @@ When the TUI connects to the daemon at launch, the handshake includes a version
153
153
 
154
154
  The handshake is also where the TUI reads the daemon's engine list and the daemon's per-agent detection results (per `SPEC.md` §6 and §9). A version-coupled handshake is also a guarantee that the TUI is reading those results from a daemon whose schema it understands. When the bundle promises versions match, the TUI does not need a defensive parse-and-recover path for the daemon's responses; the schema is whatever the bundle's joint version says it is.
155
155
 
156
+ ## Advanced: chaining `skalpeld` through a local interception proxy
157
+
158
+ By default `skalpeld` is the host's HTTP proxy for coding agents. If you
159
+ also run a separate local interception proxy (e.g. an mitmproxy that
160
+ records traffic for research), you can have the daemon **chain** its
161
+ outbound provider traffic through it without either rig fighting over the
162
+ proxy role. This is opt-in and controlled by two environment variables on
163
+ the **daemon** process:
164
+
165
+ | Variable | Values | Default | Effect |
166
+ |---|---|---|---|
167
+ | `SKALPEL_VIA_MITM` | `true` \| `false` \| `bypass` | `true` | `true`: the daemon routes its **provider** calls (Anthropic / OpenAI / …) through the proxy at `MITM_PROXY_URL`, while its own **control-plane** calls to `api.skalpel.ai` and the **Cognito** auth hop bypass the proxy (so your recordings never contain Skalpel control-plane chatter). `false` / `bypass`: the daemon talks direct to providers, no chaining; `bypass` is the explicit "turn everything off" debugging value. An unset or unrecognised value behaves as `true`. |
168
+ | `MITM_PROXY_URL` | a proxy URL | `http://127.0.0.1:8888` | The interception-proxy address to chain through when `SKALPEL_VIA_MITM=true`. The daemon's own live proxy address-file and `SKALPEL_PROXY_URL` take precedence over this if set. |
169
+
170
+ The bypass list is fixed and suffix-based — it covers the Skalpel control
171
+ plane (`api.skalpel.ai`, `.skalpel.ai`), Cognito and AWS
172
+ (`amazoncognito.com`, `amazonaws.com`), object stores
173
+ (`r2.cloudflarestorage.com`), the package registries the install path
174
+ reaches (`pypi.org`, `crates.io`, `*.github.com`), and loopback. Provider
175
+ hosts are NOT on the list, so they route through the proxy.
176
+
177
+ Because the daemon is service-managed, set these via a systemd drop-in
178
+ rather than an interactive shell:
179
+
180
+ ```ini
181
+ # ~/.config/systemd/user/skalpeld.service.d/proxy-chain.conf
182
+ [Service]
183
+ Environment=SKALPEL_VIA_MITM=true
184
+ Environment=MITM_PROXY_URL=http://127.0.0.1:8888
185
+ ```
186
+
187
+ ```bash
188
+ systemctl --user daemon-reload
189
+ systemctl --user restart skalpeld
190
+ ```
191
+
192
+ To disable chaining, set `SKALPEL_VIA_MITM=bypass` (or `false`) and
193
+ restart the daemon. The interception proxy must trust nothing extra for
194
+ this to work; the chain is purely a network-layer redirect of the
195
+ daemon's outbound sockets.
196
+
156
197
  ## Open questions
157
198
 
158
199
  A small set of bundling questions are recorded here for the build phase. Each will be resolved before v1 ships; none affect the design commitments above.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "skalpel",
3
- "version": "3.2.11",
3
+ "version": "3.2.12",
4
4
  "description": "Skalpel — local proxy and TUI for coding agents (skalpel + skalpeld bundle).",
5
5
  "license": "Apache-2.0",
6
6
  "homepage": "https://skalpel.ai",