// the find
starbaser/ccproxy
Build mods for Claude Code: Hook any request, modify any response, /model "with-your-custom-model", intelligent model routing using your logic or ours
ccproxy is a network-layer proxy for LLM tooling that intercepts traffic from Claude Code, Cursor, Aider, and similar clients. It sits between your tools and the upstream APIs, letting you reroute requests across providers, inject hooks, and inspect what's actually hitting the wire. Think of it as mitmproxy with an LLM-aware pipeline bolted on top.
The DAG-driven hook pipeline with topological sort and parallel execution is the right design for composable middleware — much better than a linear chain you can't reorder. The `flows diff` and `flows compare` commands (client request vs. forwarded request) are genuinely useful for debugging what the transform layer did. The `anthropic_oauth` auth source that shares and atomically writes back `~/.claude/.credentials.json` is a practical solution to the credential sync problem. The WireGuard namespace jail for transparent capture is more honest than proxy env-var injection — it catches tools that ignore those variables.
The 'shape replay' mechanism — where you capture and replay sanitized SDK envelopes to satisfy compliance checks — is fragile by design. The README says if a packaged shape goes stale you need to wait for a ccproxy release, which means your setup breaks whenever Anthropic ships an SDK update. The macOS story is second-class: the headline feature (transparent namespace jail) is Linux-only, and this is buried in a platform table rather than upfront. The dependency on mitmproxy as the interception layer means you're carrying a full MITM CA infrastructure for what is mostly an HTTP transform problem, which will confuse enterprise security audits. No mention of how hooks handle errors — if a hook panics mid-stream on a streaming response, it's unclear what the client sees.