CC-Trace: Claude Code API Interception
Capture and analyze Claude Code's API traffic using mitmproxy.
Quick Start
```bash
# Start mitmproxy filtering Claude API traffic
mitmweb --web-port 8081 --set flow_filter='~d api.anthropic.com' --save-stream-file ~/claude-flows.mitm

# In another terminal, launch Claude through the proxy
proxy_claude
```
Shell Function
Add to ~/.zshrc or ~/.bashrc:
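```bash
proxy_claude() {
  # These exports stay set in the current shell after claude exits
  export HTTP_PROXY=http://127.0.0.1:8080
  export HTTPS_PROXY=http://127.0.0.1:8080
  # Make Node trust the mitmproxy CA so the proxy's certificates verify
  export NODE_EXTRA_CA_CERTS="$HOME/.mitmproxy/mitmproxy-ca-cert.pem"
  # Turns off all TLS certificate verification in the Node process
  export NODE_TLS_REJECT_UNAUTHORIZED=0
  claude
}
```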
Certificate Setup (macOS)
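```bash
# Generate cert (start mitmproxy once, then quit)
mitmproxy --set flow_filter='~d api.anthropic.com'

# Trust cert in system keychain
# (the matching private key is in ~/.mitmproxy/mitmproxy-ca.pem; whoever holds it can intercept this machine's TLS)
sudo security add-trusted-cert -d -p ssl -p basic -k /Library/Keychains/System.keychain ~/.mitmproxy/mitmproxy-ca-cert.pem
```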
Filter Syntax
| Filter | Description |
|--------|-------------|
| ~d api.anthropic.com | Only Anthropic API |
| ~m POST | Only POST requests |
| ~bs "tool_use" | Responses containing tool_use |
| ~b "system" | Body contains "system" |
| Combine | ~d api.anthropic.com & ~m POST & ~b "tool_use" |
Programmatic Analysis
```bash
# Dump all captured requests
mitmdump -r ~/claude-flows.mitm -n --set flow_detail=2

# Show last prompt sent
bash scripts/show-last-prompt.sh
```
Python Addon Example
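```python
from mitmproxy import http
import json

def response(flow: http.HTTPFlow):
    if "api.anthropic.com" in flow.request.pretty_host:
        try:
            req = json.loads(flow.request.get_text())
        except (TypeError, ValueError):
            return  # empty or non-JSON request body
        # Summarise the request that produced this response
        print(f"Model: {req.get('model')}, Messages: {len(req.get('messages', []))}, Tools: {len(req.get('tools', []))}")
```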
Bundled Scripts
| Script | Purpose |
|--------|---------|
| scripts/verify-setup.sh | Check mitmproxy install, cert trust, shell config |
| scripts/parse-streamed-response.ts | Parse Anthropic SSE format |
| scripts/extract-slash-commands.py | Extract user messages from flows |
| scripts/show-last-prompt.sh | Show most recent user prompt |
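The captured responses are streamed as server-sent events, so text and tool_use arguments arrive in fragments spread over many `data:` lines. The following is an added Python example (not the bundled scripts/parse-streamed-response.ts and not code from this project) that reassembles one response body; the sample stream, model name, tool name and file path are constructed placeholders.

```python
import json

def parse_stream(body: str) -> dict:
    """Reassemble one streamed Messages API response from its SSE body."""
    out = {"model": None, "stop_reason": None, "blocks": {}}
    partial = {}  # block index -> concatenated input_json_delta fragments
    for line in body.split("\n"):
        if not line.startswith("data:"):
            continue  # "event:" lines, blank separators, comments
        try:
            ev = json.loads(line[5:].strip())
        except json.JSONDecodeError:
            continue  # truncated capture or non-JSON data line
        kind, idx = ev.get("type"), ev.get("index")
        if kind == "message_start":
            out["model"] = ev.get("message", {}).get("model")
        elif kind == "content_block_start":
            out["blocks"][idx] = dict(ev["content_block"])
            partial[idx] = ""
        elif kind == "content_block_delta" and idx in out["blocks"]:
            delta, blk = ev["delta"], out["blocks"][idx]
            if delta.get("type") == "text_delta":
                blk["text"] = blk.get("text", "") + delta["text"]
            elif delta.get("type") == "input_json_delta":
                partial[idx] += delta["partial_json"]
        elif kind == "content_block_stop" and partial.get(idx):
            # Tool arguments only become valid JSON once the block is complete
            out["blocks"][idx]["input"] = json.loads(partial[idx])
        elif kind == "message_delta":
            out["stop_reason"] = ev["delta"].get("stop_reason")
    out["blocks"] = [out["blocks"][i] for i in sorted(out["blocks"])]
    return out

def _sse(events):  # serialises the constructed sample below into SSE framing
    return "".join(f"event: {e['type']}\ndata: {json.dumps(e)}\n\n" for e in events)

# Constructed sample stream (not captured traffic); all values are placeholders
SAMPLE = _sse([
    {"type": "message_start", "message": {"model": "example-model"}},
    {"type": "content_block_start", "index": 0, "content_block": {"type": "text", "text": ""}},
    {"type": "content_block_delta", "index": 0, "delta": {"type": "text_delta", "text": "Reading "}},
    {"type": "ping"},
    {"type": "content_block_delta", "index": 0, "delta": {"type": "text_delta", "text": "the file."}},
    {"type": "content_block_stop", "index": 0},
    {"type": "content_block_start", "index": 1, "content_block": {"type": "tool_use", "id": "toolu_example", "name": "Read", "input": {}}},
    {"type": "content_block_delta", "index": 1, "delta": {"type": "input_json_delta", "partial_json": '{"file_pa'}},
    {"type": "content_block_delta", "index": 1, "delta": {"type": "input_json_delta", "partial_json": 'th": "/tmp/a.txt"}'}},
    {"type": "content_block_stop", "index": 1},
    {"type": "message_delta", "delta": {"stop_reason": "tool_use"}},
])
```

Calling `parse_stream(SAMPLE)` returns the model, the stop reason and the ordered content blocks; a capture that ends mid-stream yields only the blocks received so far.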
Troubleshooting
```bash
security find-certificate -c mitmproxy -a   # verify cert
lsof -i :8080                               # check port
curl -x http://127.0.0.1:8080 https://api.anthropic.com 2>&1 | head -5
```