trollbridge

single binary · go · MIT

The bridge between
your agent and the internet.

An inspectable, policy-governed HTTP/HTTPS proxy for AI agents. Approve or deny each call. Log every request. Run it on your machine in 30 seconds.

curl -fsSL https://trollbridge.dev/install.sh | bash

Linux & macOS · amd64 & arm64 · installs to ~/.local/bin · no sudo. View the script.

Read the docs View on GitHub

Why a bridge?

See every request

An audit log of every URL an agent tries to reach, with the prompt that motivated the call. No more silent egress.

Approve in real time

Hold tool calls at the wire. Approve or deny with a keystroke; sticky decisions persist to your allow/deny lists.

Inspect TLS

Optional TLS interception with a CA you control, so you can read the bodies your agents are sending and receiving.

Self-describing

The proxy hosts its own setup docs at config.trollbridge.dev. Agents bootstrap with nothing but the proxy address.

Policy as code

Inline allow/deny lists for the simple case; structured rules with an LLM advisor when "is this domain ok?" needs judgment.

Single binary

Cross-compiled Go. No runtime deps. Run it on your machine, on a dev VM, or as a hardened daemon on a host you trust.

How it works

  1. Install

    curl -fsSL https://trollbridge.dev/install.sh | bash

    User-mode install to ~/.local/bin. No sudo, no system files.

  2. Run

    trollbridge quickstart

    Writes a minimal yaml and starts the proxy on 127.0.0.1:8080 with a two-pane operator UI.

  3. Point your agent at it

    eval "$(trollbridge env)"
curl -sI https://example.com

    Standard HTTP_PROXY / HTTPS_PROXY exports — works with any HTTP client.

  4. Approve, deny, observe

    Each held request appears in the operator UI. Approve once or make it sticky. Tail the audit log for a record of every decision.

Ready in 30 seconds.

curl -fsSL https://trollbridge.dev/install.sh | bash

Installs to ~/.local/bin/trollbridge. Verifies SHA256 against the GitHub release. Run install.sh --uninstall to remove.