Virtual network

The virtual network (VNet) intercepts HTTP requests made by simse and either returns mock responses, logs and passes them through, or blocks them entirely. It provides a controlled network environment with full visibility into what requests are being made.

Core behavior

By default, the VNet runs in sandbox mode. All outbound HTTP requests are intercepted before they reach the network. Each intercepted request is matched against the configured rule set:

1. Mock rules — If the request URL matches a mock rule, the mock response is returned immediately without touching the network.
2. Allow rules — If the URL matches an allow rule, the request is forwarded to the real endpoint and the response is returned to the caller.
3. Default action — If no rule matches, the default action applies. In sandbox mode, the default is to block and return an error. This can be changed to allow-all for less restrictive environments.

All intercepted requests — matched or not — are written to the request log.

Mock responses

Mock responses let you define deterministic HTTP behavior for testing and development without making real network calls.

A mock rule specifies:

• URL pattern — An exact URL or a glob pattern (e.g., https://api.example.com/*)
• Method — HTTP method to match (GET, POST, etc.), or * for any method
• Response status — The HTTP status code to return
• Response headers — Key-value pairs for the response headers
• Response body — The response body as a byte string or file reference

Mock rules are evaluated in order. The first matching rule wins. You can define as many rules as needed and they are checked on every request.

Example mock rule structure:

{
  "url": "https://api.openai.com/v1/chat/completions",
  "method": "POST",
  "status": 200,
  "body": "{\"choices\": [{\"message\": {\"content\": \"mock response\"}}]}"
}

Request logging and traffic metrics

Every intercepted request is appended to the session's request log. Each log entry includes:

Field	Description
Timestamp	When the request was made
Method	HTTP method
URL	Full request URL
Request headers	All request headers
Request body size	Byte count of the request body
Outcome	mocked, forwarded, or blocked
Response status	Status code returned
Response latency	Time to first byte (for forwarded requests)
Response body size	Byte count of the response body

Traffic metrics aggregate over the session:

• Total requests made
• Requests by outcome (mocked / forwarded / blocked)
• Requests by domain
• Total bytes sent and received
• Average response latency for forwarded requests

Metrics are available at the end of a session and are included in the session summary.

Local and SSH routing

The VNet supports two routing modes:

Local — HTTP requests are made from the local host, routed through the VNet interception layer.

SSH — HTTP requests are routed through an SSH tunnel, making them appear to originate from the remote host's network. This is useful when the target endpoint is only reachable from a specific network (for example, an internal API only accessible from a corporate network).

Both routing modes go through the same mock and allow rule evaluation — the interception logic does not change based on the underlying transport. Switching between them requires only a configuration change.

Configuring real endpoint access

To allow specific real endpoints through the sandbox, allow rules are configured at the platform level. Each rule specifies a URL pattern and allowed HTTP methods:

{
  "url": "https://api.anthropic.com/*",
  "methods": ["POST"]
}

To disable sandboxing entirely and allow all outbound requests:

{
  "network": {
    "defaultAction": "allow"
  }
}

To log all requests without blocking any:

{
  "network": {
    "defaultAction": "allow",
    "logAll": true
  }
}

Typical usage patterns

Full sandbox (testing): Default action block, all external calls served by mocks. Deterministic behavior, no external dependencies, fast execution.

Selective allow (development): Default action block, specific production APIs allowed through. Useful when you want to test real API behavior for a subset of services while mocking the rest.

Logging only (audit): Default action allow, all requests logged. No behavior change, but every network call is captured for review. Useful for understanding what an agentic workflow touches.

Unrestricted (production): Default action allow, logging disabled. The VNet layer adds minimal overhead and passes all requests through to the real network.