Skills Guide

MITM Traffic Inspection

VerifiedSafe

Inspect captured HTTP traffic from the MITM proxy. Use to list, filter, and view request/response details of intercepted requests. Helps analyze network activity, debug API calls, or export traffic as HAR for external tools.

Sby Skills Guide Bot
TestingIntermediate
706/2/2026
Claude Code
#mitm-proxy#http-inspection#traffic-capture#network-debugging

Recommended for

Claude CodeTest generationQA / test engineer

Our review

Inspect captured HTTP traffic from a MITM proxy by querying a REST API to list, filter, and view request/response details.

Strengths

  • Filtering by URL substring
  • Full view of request/response headers and bodies
  • Export as HAR for external tools
  • Clear history support

Limitations

  • Requires MITM proxy running on localhost:8889
  • Only works with intercepted traffic
  • No WebSocket support
When to use it

When debugging network calls during development or testing.

When not to use it

When real-time traffic monitoring is needed or MITM proxy is not set up.

Security analysis

Safe
Quality score90/100

The skill only queries a local MITM proxy API on localhost for legitimate traffic inspection and uses bundled bash scripts. No destructive actions, exfiltration, or external network calls. The use of user-provided filter argument is low risk and handled by curl's query string.

No concerns found

Examples

List recent requests
Show me the last 10 HTTP requests captured by the MITM proxy.
Filter by domain
List all captured requests that contain api.example.com in the URL.
Inspect a specific request
Show me the full details of request ID 5 from the proxy, including headers and body.

name: mitm-inspect description: Inspect captured HTTP traffic from the MITM proxy. Use when the user wants to see what requests were made, filter traffic by URL, view request/response details, or analyze network activity. argument-hint: "[filter-pattern]" allowed-tools: Bash(bash *) Bash(curl *)

Inspect Captured Traffic

Use the MITM proxy REST API to list, filter, and inspect intercepted HTTP requests.

Arguments: $ARGUMENTS is an optional filter pattern (substring match on URL).

List requests

curl -s "http://localhost:8889/api/requests?filter=$ARGUMENTS&limit=20" | cat

Query params: | Param | Type | Default | Description | |-------|------|---------|-------------| | filter | string | (none) | Substring match on request URL | | limit | number | 100 | Max results to return | | offset | number | 0 | Pagination offset |

Response shape:

{
  "total": 42,
  "offset": 0,
  "limit": 20,
  "requests": [
    {
      "id": 1,
      "method": "GET",
      "url": "https://api.example.com/users",
      "status": 200,
      "duration": 145,
      "size": 2048,
      "timestamp": "2026-02-14T12:00:00.000Z",
      "modified": false,
      "blocked": false,
      "redirected": false,
      "transformed": false
    }
  ]
}

Get request detail

curl -s http://localhost:8889/api/requests/<ID> | cat

Replace <ID> with the numeric request ID from the list.

Response shape:

{
  "id": 1,
  "method": "GET",
  "url": "https://api.example.com/users",
  "timestamp": "2026-02-14T12:00:00.000Z",
  "duration": 145,
  "modified": false,
  "blocked": false,
  "redirected": false,
  "redirectTarget": null,
  "transformed": false,
  "request": {
    "headers": { "host": "api.example.com", "accept": "*/*" },
    "body": ""
  },
  "response": {
    "status": 200,
    "headers": { "content-type": "application/json" },
    "body": "{\"users\":[...]}"
  }
}

Clear request history

curl -s -X DELETE http://localhost:8889/api/requests | cat

Response: { "cleared": true }

Bundled scripts

Traffic summary

Get a breakdown of captured traffic by domain, status code, and timing:

bash skills/mitm-inspect/scripts/traffic-summary.sh "$ARGUMENTS"

Outputs domain counts, status code distribution, average/max duration, and modification stats.

Export as HAR

Export captured requests to a HAR-like JSON file for external tools:

bash skills/mitm-inspect/scripts/export-har.sh "$ARGUMENTS" 100 mitm-export.json

Arguments: [filter] [limit] [output-file]

Typical workflow

  1. List recent trafficcurl -s "http://localhost:8889/api/requests?limit=10"
  2. Filter by domaincurl -s "http://localhost:8889/api/requests?filter=api.example.com"
  3. Inspect a specific requestcurl -s http://localhost:8889/api/requests/5
  4. Check request/response bodies — look at .request.body and .response.body fields
  5. Get a traffic summarybash skills/mitm-inspect/scripts/traffic-summary.sh
  6. Export for analysisbash skills/mitm-inspect/scripts/export-har.sh
  7. Clear old trafficcurl -s -X DELETE http://localhost:8889/api/requests
Related skills

TDD Red-Green-Refactor

Testing

Skill that guides Claude through the complete TDD cycle.

Claude CodeWindsurfintermediate
650
189
2,063
Admin

Web Accessibility Audit

Testing

Performs a comprehensive web accessibility audit following WCAG standards.

claudeCursorWindsurfintermediate
129
37
441
Admin

UAT Test Case Generator

Testing

Generates structured and comprehensive user acceptance test cases.

claudechatgptintermediate
87
24
360
Admin