Yeah, but how does the sandboxed process “know” that it has to go through the proxy? How does it trust your certificate? Is the proxy fully transparent?

Oh I see. It inject HTTP_PROXY/HTTPS_PROXY/etc. env vars into the process so that all sandboxed subprocesses go through the proxy.