First step of PRD 0005. Three new files for the
mitmproxy-in-front-of-pipelock topology — wiring into the bottle
launch comes in the next commit.

- claude_bottle/mitmproxy/__init__.py: abstract MitmproxyProxy
  base + MitmproxyProxyPlan. Mirrors the PipelockProxy shape
  (prepare / start / stop) and adds extract_ca_cert for the CA
  cert hand-off into the agent.
- claude_bottle/mitmproxy/addon.py: the vendored Python addon
  mitmproxy loads inside the sidecar. Forwards each decrypted
  request to pipelock as a plain HTTP forward-proxy call,
  inspects the response, and short-circuits the flow with 403 on
  a pipelock block (status=403 + body starts with `blocked: `,
  pinned empirically against pipelock 2.3.0 in the impl spike).
  Self-contained — no claude_bottle imports — so it loads in a
  sidecar that doesn't have claude_bottle on its path.
- claude_bottle/backend/docker/mitmproxy.py: DockerMitmproxyProxy
  with create / cp / network connect / start lifecycle. Pinned
  to mitmproxy/mitmproxy@sha256:00b77b5d… (multi-arch manifest
  for v12.2.3).
- tests/unit/test_mitmproxy_verdict.py: pins the verdict
  fingerprint so a pipelock-side body shape change breaks loudly.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>