diff --git a/CHANGELOG.md b/CHANGELOG.md
index eda1aa15b..d42872169 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,7 @@ Only write entries that are worth mentioning to users.
 ## Unreleased
 
 - MCP: Add loading indicators for MCP server connections — Shell displays a "Connecting to MCP servers..." spinner and Web shows a status message while MCP tools are being loaded
+- Core: Enable `trust_env` in aiohttp client session to respect proxy environment variables (`https_proxy`, `http_proxy`, etc.)
 - Web: Fix scrollable file list overflow in the toolbar changes panel
 - Core: Add `compaction_trigger_ratio` config option (default `0.85`) to control when auto-compaction triggers — compaction now fires when context usage reaches the configured ratio or when remaining space falls below `reserved_context_size`, whichever comes first
 - Core: Support custom instructions in `/compact` command (e.g., `/compact keep database discussions`) to guide what the compaction preserves
diff --git a/docs/en/configuration/env-vars.md b/docs/en/configuration/env-vars.md
index 29d708554..08cf514c4 100644
--- a/docs/en/configuration/env-vars.md
+++ b/docs/en/configuration/env-vars.md
@@ -115,6 +115,35 @@ export OPENAI_API_KEY="sk-xxx"
 | `KIMI_SHARE_DIR` | Customize the share directory path (default: `~/.kimi`) |
 | `KIMI_CLI_NO_AUTO_UPDATE` | Disable automatic update check |
 
+### Proxy environment variables
+
+Kimi Code CLI supports configuring HTTP/HTTPS proxies through standard proxy environment variables. These variables affect all HTTP requests to external APIs (including Kimi API, OAuth services, web scraping, etc.).
+
+| Environment Variable | Description |
+| --- | --- |
+| `http_proxy` / `HTTP_PROXY` | HTTP proxy server address |
+| `https_proxy` / `HTTPS_PROXY` | HTTPS proxy server address |
+| `all_proxy` / `ALL_PROXY` | Proxy server address for all protocols |
+| `no_proxy` / `NO_PROXY` | Comma-separated list of addresses that do not use proxy |
+
+**Proxy configuration examples**
+
+```sh
+# Set HTTPS proxy
+export https_proxy="http://proxy.example.com:8080"
+
+# Set proxy with authentication
+export https_proxy="http://username:password@proxy.example.com:8080"
+
+# Bypass proxy for certain addresses
+export no_proxy="localhost,127.0.0.1,api.moonshot.cn"
+```
+
+::: tip
+- Setting both `http_proxy` and `https_proxy` ensures all types of requests go through the proxy
+- `no_proxy` supports wildcards, e.g., `.example.com` matches all subdomains of `example.com`
+:::
+
 ### `KIMI_SHARE_DIR`
 
 Customize the share directory path for Kimi Code CLI. The default path is `~/.kimi`, where configuration, sessions, logs, and other runtime data are stored.
diff --git a/docs/en/reference/kimi-web.md b/docs/en/reference/kimi-web.md
index 770d14bf2..a91f6e666 100644
--- a/docs/en/reference/kimi-web.md
+++ b/docs/en/reference/kimi-web.md
@@ -92,7 +92,7 @@ Use `--auth-token` to set an access token. Clients need to include `Authorizatio
 kimi web --network --auth-token my-secret-token
 ```
 
-::: tip Tip
+::: tip
 The access token should be a randomly generated string with at least 32 characters. You can use `openssl rand -hex 32` to generate a random token.
 :::
 
@@ -104,7 +104,7 @@ Use `--allowed-origins` to restrict the origin domains that can access Web UI:
 kimi web --network --allowed-origins "https://example.com,https://app.example.com"
 ```
 
-::: tip Tip
+::: tip
 When using `--network` or `--host` to enable network access, it is recommended to configure `--allowed-origins` to prevent Cross-Site Request Forgery (CSRF) attacks.
 :::
 
@@ -134,7 +134,7 @@ kimi web --network --restrict-sensitive-apis
 
 In `--public` mode, `--restrict-sensitive-apis` is enabled by default; in `--lan-only` mode (default), it is not enabled.
 
-::: tip Tip
+::: tip
 When you need to expose Web UI to untrusted network environments, it is recommended to enable the `--restrict-sensitive-apis` option.
 :::
 
diff --git a/docs/en/release-notes/changelog.md b/docs/en/release-notes/changelog.md
index c2a7091e9..d91edafbb 100644
--- a/docs/en/release-notes/changelog.md
+++ b/docs/en/release-notes/changelog.md
@@ -5,6 +5,7 @@ This page documents the changes in each Kimi Code CLI release.
 ## Unreleased
 
 - MCP: Add loading indicators for MCP server connections — Shell displays a "Connecting to MCP servers..." spinner and Web shows a status message while MCP tools are being loaded
+- Core: Enable `trust_env` in aiohttp client session to respect proxy environment variables (`https_proxy`, `http_proxy`, etc.)
 - Web: Fix scrollable file list overflow in the toolbar changes panel
 - Core: Add `compaction_trigger_ratio` config option (default `0.85`) to control when auto-compaction triggers — compaction now fires when context usage reaches the configured ratio or when remaining space falls below `reserved_context_size`, whichever comes first
 - Core: Support custom instructions in `/compact` command (e.g., `/compact keep database discussions`) to guide what the compaction preserves
diff --git a/docs/zh/configuration/env-vars.md b/docs/zh/configuration/env-vars.md
index 93e56b514..f112861d1 100644
--- a/docs/zh/configuration/env-vars.md
+++ b/docs/zh/configuration/env-vars.md
@@ -115,6 +115,35 @@ export OPENAI_API_KEY="sk-xxx"
 | `KIMI_SHARE_DIR` | 自定义共享目录路径（默认 `~/.kimi`） |
 | `KIMI_CLI_NO_AUTO_UPDATE` | 禁用自动更新检查 |
 
+### 代理环境变量
+
+Kimi Code CLI 支持通过标准的代理环境变量配置 HTTP/HTTPS 代理。这些变量会影响所有对外部 API 的 HTTP 请求（包括 Kimi API、OAuth 服务、网页抓取等）。
+
+| 环境变量 | 说明 |
+| --- | --- |
+| `http_proxy` / `HTTP_PROXY` | HTTP 代理服务器地址 |
+| `https_proxy` / `HTTPS_PROXY` | HTTPS 代理服务器地址 |
+| `all_proxy` / `ALL_PROXY` | 所有协议的代理服务器地址 |
+| `no_proxy` / `NO_PROXY` | 不使用代理的地址列表（逗号分隔） |
+
+**设置代理示例**
+
+```sh
+# 设置 HTTPS 代理
+export https_proxy="http://proxy.example.com:8080"
+
+# 设置带有认证的代理
+export https_proxy="http://username:password@proxy.example.com:8080"
+
+# 对某些地址不使用代理
+export no_proxy="localhost,127.0.0.1,api.moonshot.cn"
+```
+
+::: tip 提示
+- 同时设置 `http_proxy` 和 `https_proxy` 可以确保所有类型的请求都经过代理
+- `no_proxy` 中的地址支持通配符，如 `.example.com` 会匹配所有 `example.com` 的子域名
+:::
+
 ### `KIMI_SHARE_DIR`
 
 自定义 Kimi Code CLI 的共享目录路径。默认路径为 `~/.kimi`，配置、会话、日志等运行时数据存储在此目录下。
diff --git a/docs/zh/release-notes/changelog.md b/docs/zh/release-notes/changelog.md
index 3dbfaea5f..b1acdf40f 100644
--- a/docs/zh/release-notes/changelog.md
+++ b/docs/zh/release-notes/changelog.md
@@ -5,6 +5,7 @@
 ## 未发布
 
 - MCP：为 MCP 服务器连接添加加载指示器——Shell 在连接 MCP 服务器时显示 "Connecting to MCP servers..." 加载动画，Web 在 MCP 工具加载期间显示状态消息
+- Core：在 aiohttp 客户端会话中启用 `trust_env`，以支持代理环境变量（`https_proxy`、`http_proxy` 等）
 - Web：修复工具栏变更面板中文件列表滚动溢出的问题
 - Core：新增 `compaction_trigger_ratio` 配置项（默认 `0.85`），用于控制自动压缩的触发时机——当上下文用量达到配置比例或剩余空间低于 `reserved_context_size` 时触发压缩，以先满足的条件为准
 - Core：`/compact` 命令支持自定义指令（如 `/compact keep database discussions`），可指导压缩时重点保留的内容
diff --git a/src/kimi_cli/utils/aiohttp.py b/src/kimi_cli/utils/aiohttp.py
index 0fe91b235..d843ef027 100644
--- a/src/kimi_cli/utils/aiohttp.py
+++ b/src/kimi_cli/utils/aiohttp.py
@@ -9,4 +9,4 @@
 
 
 def new_client_session() -> aiohttp.ClientSession:
-    return aiohttp.ClientSession(connector=aiohttp.TCPConnector(ssl=_ssl_context))
+    return aiohttp.ClientSession(trust_env=True, connector=aiohttp.TCPConnector(ssl=_ssl_context))