
The Upstream Proxy: How Claude Code Intercepts Subprocess HTTP Traffic
When Claude Code runs in a cloud container, every subprocess it spawns — curl, gh, python, kubectl — needs to reach external services. But the container sits behind an organization's security perimeter. The org needs to inject credentials (API keys, auth headers) into outbound HTTPS requests, log traffic for compliance, and block unauthorized endpoints. The subprocess doesn't know any of this. It just wants to curl https://api.datadog.com.

The naive solution: configure a corporate proxy and trust that every tool respects HTTPS_PROXY. But that only works if the tool trusts the proxy's TLS certificate. A corporate proxy that inspects HTTPS traffic presents its own certificate — a man-in-the-middle certificate that curl and python will reject unless they trust the issuing CA. Every runtime has its own CA trust store: Node uses NODE_EXTRA_CA_CERTS, Python uses REQUESTS_CA_BUNDLE or SSL_CERT_FILE, curl uses CURL_CA_BUNDLE, Go uses the system store. Miss one and the subprocess fails
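The per-runtime trust-store problem described above, as an added example (not code from the original article or from Claude Code): it builds a subprocess environment that sets HTTPS_PROXY and every CA variable named in the text, then audits an environment for variables that would not trust the proxy's CA. The function names and the sample PEM strings are hypothetical and constructed for illustration.

```python
import re
from pathlib import Path

# Variables named in the text above. True means the variable REPLACES the
# runtime's default roots, so it must point at system roots + proxy CA;
# NODE_EXTRA_CA_CERTS is appended to Node's built-in roots instead.
CA_ENV_VARS = {
    "NODE_EXTRA_CA_CERTS": False,
    "REQUESTS_CA_BUNDLE": True,
    "SSL_CERT_FILE": True,
    "CURL_CA_BUNDLE": True,
}
PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)
# Constructed placeholder PEM text (not real certificates).
SAMPLE_PROXY_CA = "-----BEGIN CERTIFICATE-----\nUFJPWFk=\n-----END CERTIFICATE-----\n"
SAMPLE_SYSTEM_ROOTS = "-----BEGIN CERTIFICATE-----\nUk9PVA==\n-----END CERTIFICATE-----\n"

def pem_blocks(text):
    """Return the base64 bodies of all PEM certificates, whitespace removed."""
    return {"".join(body.split()) for body in PEM_RE.findall(text)}

def write_merged_bundle(system_bundle, proxy_ca, out_path):
    """Concatenate the system roots and the proxy CA into one PEM file."""
    parts = [Path(p).read_text().strip() for p in (system_bundle, proxy_ca)]
    Path(out_path).write_text("\n".join(parts) + "\n")
    return Path(out_path)

def build_subprocess_env(base_env, proxy_url, proxy_ca, merged_bundle):
    """Copy base_env and point the proxy and every CA variable at the CA."""
    env = dict(base_env)
    env["HTTPS_PROXY"] = proxy_url
    for var, replaces_defaults in CA_ENV_VARS.items():
        env[var] = str(merged_bundle if replaces_defaults else proxy_ca)
    return env

def audit_env(env, proxy_ca):
    """Map each CA variable that would not trust the proxy to the reason."""
    wanted = pem_blocks(Path(proxy_ca).read_text())
    problems = {}
    for var in CA_ENV_VARS:
        path = env.get(var)
        if not path:
            problems[var] = "unset"
        elif not Path(path).is_file():
            problems[var] = "file missing"
        elif not wanted <= pem_blocks(Path(path).read_text()):
            problems[var] = "proxy CA not in bundle"
    return problems
```

Pass the result of build_subprocess_env as the env argument of subprocess.run, and run audit_env over an inherited environment before spawning tools to catch a variable that was overwritten or left pointing at a bundle without the proxy CA.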



