MITM proxy that injects API secrets into HTTP headers. Runs outside sandbox microVMs.
For architecture overview and security analysis, see docs/secret-proxy.md.
go build -o secret-proxy ./cmd/secret-proxy
go build -o genca ./cmd/genca| Variable | Default | Description |
|---|---|---|
LISTEN_ADDR |
:8080 |
Address to listen on |
CONTROL_PLANE_URL |
required | URL of control-plane for token validation |
CA_CERT_PATH |
/etc/secret-proxy/ca.crt |
Path to CA certificate for MITM |
CA_KEY_PATH |
/etc/secret-proxy/ca.key |
Path to CA private key |
SECRETS_PATH |
/etc/secret-proxy/secrets.json |
Path to secrets JSON file |
{
"anthropic": "sk-ant-api03-xxxxx...",
"openai": "sk-xxxxx...",
"mistral": "xxxxx...",
"github_copilot": "gho_xxxxx..."
}Keys match the secret_key returned by control-plane validation.
# Generate CA certificate
go run ./cmd/genca -out /tmp/secret-proxy
# Run proxy
CONTROL_PLANE_URL=http://localhost:3000 \
CA_CERT_PATH=/tmp/secret-proxy/ca.crt \
CA_KEY_PATH=/tmp/secret-proxy/ca.key \
SECRETS_PATH=./secrets.json \
go run ./cmd/secret-proxygo test ./...docker build -t secret-proxy .
docker run \
-e CONTROL_PLANE_URL=http://control-plane:3000 \
-v /path/to/ca.crt:/etc/secret-proxy/ca.crt \
-v /path/to/ca.key:/etc/secret-proxy/ca.key \
-v /path/to/secrets.json:/etc/secret-proxy/secrets.json \
secret-proxy- Receives CONNECT request with
Proxy-Authorization: Bearer <token>header - Validates token with control-plane (
POST /internal/validate-proxy-auth) - If allowed, establishes HTTPS tunnel with MITM
- Scans request headers for placeholder values (e.g.,
NETCLODE_PLACEHOLDER_anthropic) - Replaces with real secret from
secrets.json - Forwards to destination
Secrets are only injected into headers, never request bodies (prevents reflection attacks).