Skip to content

MacOS sandbox ignores proxy configuration #19187

New issue
New issue
Open
#19188
Open
MacOS sandbox ignores proxy configuration#19187
#19188
Labels
area/platformIssues related to Build infra, Release mgmt, Testing, Eval infra, Capacity, Quota mgmtstatus/need-triageIssues that need to be triaged by the triage automation.
@tbuckley

Description

@tbuckley
tbuckley
opened on Feb 16, 2026

What happened?

Problem

On macOS, I am testing a proxied sandbox with this example proxy:
https://geminicli.com/docs/examples/proxy-script/

  1. Start Gemini CLI with the proxy in a proxied seatbelt profile: GEMINI_SANDBOX_PROXY_COMMAND=./test-proxy.js SEATBELT_PROFILE=permissive-proxied gemini --sandbox
  2. Within Gemini CLI, enter shell mode with ! and try running curl commands: curl https://example.com curl https://www.google.com

Actual: both commands fail

What did you expect to happen?

Expected: example.com is allowed, google.com is blocked (due to official proxy script)

Client information

Client Information

Run gemini to enter the interactive CLI, then run the /about command.

> /about

│ CLI Version                                     0.28.2                                                                                     │
│ Git Commit                                      da5e47ae3                                                                                  │
│ Model                                           gemini-3-pro-preview                                                                       │
│ Sandbox                                         sandbox-exec (permissive-open)                                                             │
│ OS                                              darwin                                                                                     │
│ Auth Method                                     gemini-api-key                                                                             │

Login information

API key

Anything else we need to know?

Investigation

It appears that HTTP_PROXY/HTTPS_PROXY/http_proxy/https_proxy env vars are not being passed through to the shell commands.

Looking at the code, in /packages/cli/src/utils/sandbox.ts#L136 a sandboxEnv is created with these env vars set, but then it is never used. It should be passed to the sandboxProcess in packages/cli/src/utils/sandbox.ts#L194

Without these vars set, curl will try making the request directly instead of using our proxy.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/platformIssues related to Build infra, Release mgmt, Testing, Eval infra, Capacity, Quota mgmtstatus/need-triageIssues that need to be triaged by the triage automation.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions