Capture your AI agent traces at the network level — transparently, locally, and without per-app configuration.
AgentTap is a macOS desktop app that intercepts AI provider API traffic through a local MITM proxy using DNS-based routing, capturing complete request/response traces in real time. No JSONL scraping, no fragile file watchers — just raw API data captured at the network layer.
Current approaches to capturing AI agent conversations are fragile:
- JSONL file parsing depends on each tool's local logging format — one update breaks everything
- Manual certificate swapping requires sudo commands and disrupts all your traffic
- Per-app proxy config (
HTTPS_PROXY,NODE_EXTRA_CA_CERTS) needs setup for every tool individually
AgentTap solves this with DNS-based interception: only AI provider domains are routed through a local transparent proxy via /etc/hosts and pf redirect rules. Everything else is unaffected. Turn it on, and every API call to Anthropic, OpenAI, Google AI, etc. is captured — whether it comes from Claude Code, Cursor, Codex, or any other agent.
brew install --cask GeiserX/agenttap/agenttapOn first launch, AgentTap will prompt for admin access to install a privileged helper that manages firewall rules and CA certificate trust. This is a one-time setup.
AI coding agent (Claude Code, Cursor, Codex, etc.)
|
v
[/etc/hosts redirects AI domains to 127.0.0.1]
|
v
[pf rdr routes to local transparent proxy]
|
v
[MITM proxy — decrypts, captures, re-encrypts]
|
v
[Upstream forwarder — resolves real IP via DoH, connects directly]
|
v
[Response captured to SQLite and relayed back]
All other traffic (browsing, Slack, email, etc.) flows normally — only configured AI provider domains are intercepted.
- Zero per-app configuration — works at the network level; any tool that calls an AI API is captured automatically
- Selective domain routing — only AI API domains are intercepted; everything else untouched
- Real-time streaming capture — captures SSE streams as they happen, not after the fact
- Cost estimation — per-trace cost calculated from model and token counts
- Session grouping — traces grouped by time window for easy browsing
- Multi-provider support — 10 providers out of the box, with more easily added
- Export — download traces as JSON, JSONL, or cURL commands
- Filtering — filter traces by provider, model, or source application
- Menu bar app — tray icon with live status (closed eye = off, open eye = capturing, X eye = error)
- Local-only storage — traces stored in SQLite on your machine; nothing leaves your network
| Provider | Domains |
|---|---|
| Anthropic | api.anthropic.com |
| OpenAI | api.openai.com |
| Google AI | generativelanguage.googleapis.com |
| AWS Bedrock | bedrock-runtime.{us-east-1,us-west-2,eu-west-1}.amazonaws.com |
| Mistral | api.mistral.ai |
| DeepSeek | api.deepseek.com |
| xAI | api.x.ai |
| Cohere | api.cohere.ai |
| Groq | api.groq.com |
| Cursor | api2.cursor.sh |
More providers can be added via configuration.
┌─────────────────────────────────────────────────┐
│ ElectroBun Desktop App (menu bar) │
│ Toggle capture, browse traces, export data │
├─────────────────────────────────────────────────┤
│ Privileged Helper (LaunchDaemon) │
│ pf rules, /etc/hosts, CA keychain trust │
├────────────┬────────────────────────────────────┤
│ Transparent│ MITM Proxy │ Upstream │
│ Proxy │ TLS termination, │ Forwarder │
│ (CONNECT) │ request/response │ (DoH resolve, │
│ │ capture, SSE │ direct conn) │
│ │ reassembly │ │
├────────────┴────────────────────┴───────────────┤
│ SQLite Storage + Write Batcher │
│ Traces, sessions, cost data │
└─────────────────────────────────────────────────┘
- Privileged Helper — a Swift LaunchDaemon that manages
pffirewall rules,/etc/hostsentries, and system keychain CA trust via a Unix socket protocol - Transparent Proxy — accepts redirected connections and establishes CONNECT tunnels to the MITM proxy
- MITM Proxy — per-domain TLS termination with dynamically generated leaf certificates, full request/response capture, chunked transfer and SSE stream reassembly
- Upstream Forwarder — resolves real provider IPs via DNS-over-HTTPS (bypassing local
/etc/hostsoverrides), then connects directly with connection pooling - CA Trust — auto-generated root CA persisted in
~/Library/Application Support/AgentTap/ca/, trusted in macOS keychain and exported viaNODE_EXTRA_CA_CERTSfor Bun/Node.js tools
- Framework: ElectroBun (Bun-based desktop framework)
- Language: TypeScript + Swift (privileged helper)
- Proxy: Bun-native TLS interception with BoringSSL
- Storage: SQLite with batched writes
- DNS: DNS-over-HTTPS for upstream resolution
- Platforms: macOS (Linux planned)
AgentTap is fully local. No telemetry, no cloud, no analytics. Your traces are yours.