trollbridge

Wire policy for sandboxed agents

Let your agents
run amok.

trollbridge is an HTTP proxy. The amok is local — your agent has free run of the VM, container, or Incus instance you put it in. Online, every outbound request goes through an allow list of HTTP servers you control; anything off the list is held for one keystroke.

curl -fsSL https://trollbridge.dev/install.sh | bash

Linux & macOS · amd64 & arm64 · installs to ~/.local/bin · no sudo. View the script.

View on GitHub →

Local: free rein. Online: only the servers you allow.

Read, write, run.

Edit source files, run builds, spawn processes, tail logs — the agent works on the machine the way you would. trollbridge gates the wire, not the file system or the process table. No holds, no prompts, no policy to write for any of it.

Outbound only where you say.

Every HTTP and HTTPS request that leaves your machine is checked against an allow list you write. api.openai.com allowed, *.suspicious.tld denied — decided at the wire, before the request goes out.

Hold the rest for one keystroke.

Anything the allow list doesn't cover pauses at the proxy. Approve in the operator UI with one keystroke; sticky-approve to make it policy without editing a file. Held requests wait — walk away and they're still there in the morning.

trollbridge gates the wire; the sandbox bounds the file system and processes.

How it works.

Policy.

Inline allow/deny lists handle the obvious cases at the wire. api.openai.com allowed, *.suspicious.tld denied — decided before the request reaches the network.

LLM.

When "is this domain ok?" needs judgment, an LLM advisor reads the request and recommends allow or deny. You stay in the loop with less friction.

Manual.

Anything policy doesn't cover gets held. Approve or deny with a keystroke in the operator UI. Sticky decisions become new policy without you editing a file.

Quickstart.

  1. Install

    curl -fsSL https://trollbridge.dev/install.sh | bash

    User-mode install to ~/.local/bin. No sudo, no system files.

  2. Run & point your agent

    trollbridge quickstart
eval "$(trollbridge env)"

    Starts the proxy on 127.0.0.1:8080 and exports HTTP_PROXY / HTTPS_PROXY for the current shell. Works with any HTTP client.

  3. Approve, deny, observe

    Each held request appears in the operator UI. Approve once or make it sticky. Tail the audit log for a record of every decision.

Ready in 30 seconds.

curl -fsSL https://trollbridge.dev/install.sh | bash

Installs to ~/.local/bin/trollbridge. Verifies SHA256 against the GitHub release. Run install.sh --uninstall to remove.