fix: don't inject SOCKS5 proxy env vars in macOS daemon mode

In daemon mode, tun2socks provides transparent proxying at the IP level
via pf + utun, so apps don't need proxy env vars. Setting HTTP_PROXY and
HTTPS_PROXY to socks5h:// breaks apps like Bun/Node.js that read these
vars but don't support the SOCKS5 protocol (UnsupportedProxyProtocol).

internal/sandbox/macos.go

@@ -737,13 +737,18 @@ func WrapCommandMacOS(cfg *config.Config, command string, exposedPorts []int, da
 		// Using -u #<uid> preserves the user's identity (home dir, SSH keys, etc.)
 		// while -g _greywall sets the effective GID for pf matching.
 		//
+		// Do NOT inject HTTP_PROXY/HTTPS_PROXY env vars in daemon mode: tun2socks
+		// provides transparent proxying at the IP level, so apps don't need proxy
+		// env vars. Setting them to socks5h:// breaks apps (like Bun/Node.js) that
+		// read HTTP_PROXY but don't support SOCKS5 protocol.
+		//
 		// sudo resets the environment, so we use `env` after sudo to re-inject
-		// terminal vars (TERM, COLORTERM, etc.) needed for TUI apps and proxy vars.
+		// terminal vars (TERM, COLORTERM, etc.) needed for TUI apps.
 		uid := fmt.Sprintf("#%d", os.Getuid())
-		proxyEnvs := GenerateProxyEnvVars(cfg.Network.ProxyURL)
+		sandboxEnvs := GenerateProxyEnvVars("")
 		termEnvs := getTerminalEnvVars()
 		parts = append(parts, "sudo", "-u", uid, "-g", daemonSession.SandboxGroup, "env")
-		parts = append(parts, proxyEnvs...)
+		parts = append(parts, sandboxEnvs...)
 		parts = append(parts, termEnvs...)
 		parts = append(parts, "sandbox-exec", "-p", profile, shellPath, "-c", command)
 	} else {