
Trollbridge: an HTTP proxy that reins in unsupervised coding agents
Trollbridge is an HTTP/HTTPS proxy that sits in front of a (such as Claude Code) and controls every outbound request with allow and deny lists. It supports real-time approve-or-deny decisions from a terminal UI (TUI), and can also be wired to an LLM that makes those calls automatically based on prior decisions. The creator had been running agents in Incus for sandboxing, but a plain container firewall required poking a new hole every time the agent needed access to something else, and it could not distinguish between HTTP verbs like GET and POST.
They had also tried Claude Code's auto mode, but wanted to guide the agent rather than hand over full control, so they built a tool that combines flat allow/deny rules with finer-grained runtime decisions. The goal is preventing an agent from accidentally breaking or POSTing to a random site, a risk that is higher on where permission setups tend to be looser than at a company.
Key points
- Trollbridge is an HTTP/HTTPS proxy placed in front of a that enforces allow/deny lists on outbound requests
- A terminal UI (TUI) supports real-time approve/deny decisions, with optional LLM automation based on past choices
- Plain container firewalls couldn't distinguish HTTP verbs and needed a new hole poked for every new access need
- Built to stop agents from accidentally breaking or making unwanted POST requests, especially on with looser permission setups than at work
- Available at trollbridge.dev, with the creator seeking feedback and bug reports