I agree that there are downsides to this approach. NVIDIA OpenShell does the same thing: <a href="https://docs.nvidia.com/openshell/latest/sandboxes/manage-providers#how-credential-injection-works" rel="nofollow">https://docs.nvidia.com/openshell/latest/sandboxes/manage-pr...</a>. I had wondered how they deal with the fact that client programs sometimes come with their own CA bundles. Turns out OpenShell sets various common environment variables (like REQUESTS_CA_BUNDLE used by Python's requests) to try to convince as many clients as possible that the proxy's certificate is to be trusted :) I would assume exe.dev does something similar.<p>(I was interested in this because I was actually working on something similar recently: <a href="https://github.com/imbue-ai/latchkey" rel="nofollow">https://github.com/imbue-ai/latchkey</a>. To avoid the certificates issue, this library uses a gateway approach instead of a proxy, i.e. clients call endpoints like "http(s)://gateway.url:port/gateway/<a href="https://api.github.com/" rel="nofollow">https://api.github.com/</a>..." which can be effectively hidden behind the "latchkey curl" invocation.)