diff --git a/action.yml b/action.yml
index ab4574e..9cd043a 100644
--- a/action.yml
+++ b/action.yml
@@ -155,31 +155,108 @@ runs: ADDITIONAL_PERMISSIONS: ${{ inputs.additional_permissions }} USE_COMMIT_SIGNING: ${{ inputs.use_commit_signing }} + - name: Install Base Action Dependencies + if: steps.prepare.outputs.contains_trigger == 'true' + shell: bash + run: | + echo "Installing base-action dependencies..." + cd ${GITHUB_ACTION_PATH}/base-action + bun install + echo "Base-action dependencies installed" + - name: Setup Network Restrictions if: steps.prepare.outputs.contains_trigger == 'true' && inputs.experimental_allowed_domains != '' shell: bash run: | - # Install and configure Squid proxy - sudo apt-get update && sudo apt-get install -y squid + SQUID_START_TIME=$(date +%s.%N) + # Create whitelist file echo "${{ inputs.experimental_allowed_domains }}" > $RUNNER_TEMP/whitelist.txt - # Configure Squid - sudo tee /etc/squid/squid.conf << EOF - http_port 127.0.0.1:3128 - acl whitelist dstdomain "$RUNNER_TEMP/whitelist.txt" - acl localhost src 127.0.0.1/32 - http_access allow localhost whitelist - http_access deny all - cache deny all - EOF + # Ensure each domain has proper format + # If domain doesn't start with a dot and isn't an IP, add the dot for subdomain matching + mv $RUNNER_TEMP/whitelist.txt $RUNNER_TEMP/whitelist.txt.orig + while IFS= read -r domain; do + if [ -n "$domain" ]; then + # Trim whitespace + domain=$(echo "$domain" | xargs) + # If it's not empty and doesn't start with a dot, add one + if [[ "$domain" != .* ]] && [[ ! 
"$domain" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo ".$domain" >> $RUNNER_TEMP/whitelist.txt + else + echo "$domain" >> $RUNNER_TEMP/whitelist.txt + fi + fi + done < $RUNNER_TEMP/whitelist.txt.orig - # Stop any existing squid instance and start with our config - sudo squid -k shutdown || true - sleep 2 - sudo rm -f /run/squid.pid - sudo squid -N -d 1 & - sleep 5 + # Create Squid config with whitelist + echo "http_port 3128" > $RUNNER_TEMP/squid.conf + echo "" >> $RUNNER_TEMP/squid.conf + echo "# Define ACLs" >> $RUNNER_TEMP/squid.conf + echo "acl whitelist dstdomain \"/etc/squid/whitelist.txt\"" >> $RUNNER_TEMP/squid.conf + echo "acl localnet src 127.0.0.1/32" >> $RUNNER_TEMP/squid.conf + echo "acl localnet src 172.17.0.0/16" >> $RUNNER_TEMP/squid.conf + echo "acl SSL_ports port 443" >> $RUNNER_TEMP/squid.conf + echo "acl Safe_ports port 80" >> $RUNNER_TEMP/squid.conf + echo "acl Safe_ports port 443" >> $RUNNER_TEMP/squid.conf + echo "acl CONNECT method CONNECT" >> $RUNNER_TEMP/squid.conf + echo "" >> $RUNNER_TEMP/squid.conf + echo "# Deny requests to certain unsafe ports" >> $RUNNER_TEMP/squid.conf + echo "http_access deny !Safe_ports" >> $RUNNER_TEMP/squid.conf + echo "" >> $RUNNER_TEMP/squid.conf + echo "# Only allow CONNECT to SSL ports" >> $RUNNER_TEMP/squid.conf + echo "http_access deny CONNECT !SSL_ports" >> $RUNNER_TEMP/squid.conf + echo "" >> $RUNNER_TEMP/squid.conf + echo "# Allow localhost" >> $RUNNER_TEMP/squid.conf + echo "http_access allow localhost" >> $RUNNER_TEMP/squid.conf + echo "" >> $RUNNER_TEMP/squid.conf + echo "# Allow localnet access to whitelisted domains" >> $RUNNER_TEMP/squid.conf + echo "http_access allow localnet whitelist" >> $RUNNER_TEMP/squid.conf + echo "" >> $RUNNER_TEMP/squid.conf + echo "# Deny everything else" >> $RUNNER_TEMP/squid.conf + echo "http_access deny all" >> $RUNNER_TEMP/squid.conf + + echo "Starting Squid proxy..." 
+ # First, remove any existing container + sudo docker rm -f squid-proxy 2>/dev/null || true + + # Ensure whitelist file is not empty (Squid fails with empty files) + if [ ! -s "$RUNNER_TEMP/whitelist.txt" ]; then + echo "WARNING: Whitelist file is empty, adding a dummy entry" + echo ".example.com" >> $RUNNER_TEMP/whitelist.txt + fi + + # Use sudo to prevent Claude from stopping the container + CONTAINER_ID=$(sudo docker run -d \ + --name squid-proxy \ + -p 127.0.0.1:3128:3128 \ + -v $RUNNER_TEMP/squid.conf:/etc/squid/squid.conf:ro \ + -v $RUNNER_TEMP/whitelist.txt:/etc/squid/whitelist.txt:ro \ + ubuntu/squid:latest 2>&1) || { + echo "ERROR: Failed to start Squid container" + exit 1 + } + + # Wait for proxy to be ready (usually < 1 second) + READY=false + for i in {1..30}; do + if nc -z 127.0.0.1 3128 2>/dev/null; then + TOTAL_TIME=$(echo "scale=3; $(date +%s.%N) - $SQUID_START_TIME" | bc) + echo "Squid proxy ready in ${TOTAL_TIME}s" + READY=true + break + fi + sleep 0.1 + done + + if [ "$READY" != "true" ]; then + echo "ERROR: Squid proxy failed to start within 3 seconds" + echo "Container logs:" + sudo docker logs squid-proxy 2>&1 || true + echo "Container status:" + sudo docker ps -a | grep squid-proxy || true + exit 1 + fi # Set proxy environment variables echo "http_proxy=http://127.0.0.1:3128" >> $GITHUB_ENV @@ -196,9 +273,6 @@ runs: bun install -g @anthropic-ai/claude-code@1.0.59 # Run the base-action - cd ${GITHUB_ACTION_PATH}/base-action - bun install - cd - bun run ${GITHUB_ACTION_PATH}/base-action/src/index.ts env: # Base-action inputs
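Review bot: The component that enforces the network restriction is pulled as `ubuntu/squid:latest` in the new `sudo docker run` block, so the proxy applying the whitelist can change underneath the action on any run; pin it to an immutable reference such as `ubuntu/squid@sha256:<IMAGE_DIGEST>` (digest to be filled in) so the sandbox is reproducible and a moved tag cannot alter the enforcement point. The empty-whitelist fallback a few lines earlier widens the allow-list instead of failing closed — `.example.com` is a real, resolvable domain — whereas `echo ".invalid" >> $RUNNER_TEMP/whitelist.txt` keeps Squid satisfied with an entry that can never match a live host, since `.invalid` is a reserved TLD. The comment `# Use sudo to prevent Claude from stopping the container` overstates what `sudo` provides: on GitHub-hosted runners the job account has passwordless sudo and is typically in the docker group, so the container is no better protected than any other process in the job; suggest rewording it to `# Started via sudo; this does not stop other processes in the job from removing the container` or dropping the claim. Separately, the readiness loop's `nc -z 127.0.0.1 3128` presumably succeeds as soon as Docker's port publisher is listening, which can be before Squid inside the container accepts requests, so a probe that actually goes through the proxy would be a more reliable readiness signal (unconfirmed, depends on the runner's Docker configuration). The `run:` script of this step continues past the end of the hunk.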