{"id":50222341,"url":"https://github.com/IgorGanapolsky/ThumbGate","last_synced_at":"2026-06-12T04:00:58.720Z","repository":{"id":341882669,"uuid":"1171892905","full_name":"IgorGanapolsky/ThumbGate","owner":"IgorGanapolsky","description":"Agent governance for ThumbGate: 👍/👎 become Pre-Action Checks that block repeat mistakes before code, money, or customer systems change.","archived":false,"fork":false,"pushed_at":"2026-06-06T18:13:04.000Z","size":39723,"stargazers_count":22,"open_issues_count":23,"forks_count":7,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-06-06T19:06:49.042Z","etag":null,"topics":["agent-reliability","ai-agents","ai-cost-optimization","ai-safety","amp","claude-code","codex","cursor","developer-tools","feedback-loop","gemini","guardrails","mcp","mcp-server","opencode","pre-action-checks","reduce-llm-cost","save-llm-tokens","thompson-sampling","thumbgate"],"latest_commit_sha":null,"homepage":"https://thumbgate.ai","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/IgorGanapolsky.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null},"funding":{"github":"IgorGanapolsky","buy_me_a_coffee":"igorganapolsky","custom":["https://iganapolsky.gumroad.com/l/tjovof"]}},"created_at":"2026-03-03T18:13:26.000Z","updated_at":"2026-06-06T18:10:46.000Z","dependencies_parsed_at":"2026-03-03T22:03:35.858Z","dependency_job_id":null,"html_url":"https://github.com/IgorGanapolsky/ThumbGate","commit_stats":null,"previous_names":["igorganapolsky/rlhf-feedback-loop","igorganapolsky/mcp-memory-gateway"],"tags_count":107,"template":false,"template_full_name":null,"purl":"pkg:github/IgorGanapolsky/ThumbGate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IgorGanapolsky%2FThumbGate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IgorGanapolsky%2FThumbGate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IgorGanapolsky%2FThumbGate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IgorGanapolsky%2FThumbGate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/IgorGanapolsky","download_url":"https://codeload.github.com/IgorGanapolsky/ThumbGate/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IgorGanapolsky%2FThumbGate/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34228097,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-12T02:00:06.859Z","response_time":109,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-reliability","ai-agents","ai-cost-optimization","ai-safety","amp","claude-code","codex","cursor","developer-tools","feedback-loop","gemini","guardrails","mcp","mcp-server","opencode","pre-action-checks","reduce-llm-cost","save-llm-tokens","thompson-sampling","thumbgate"],"created_at":"2026-05-26T13:00:18.257Z","updated_at":"2026-06-12T04:00:58.712Z","avatar_url":"https://github.com/IgorGanapolsky.png","language":"JavaScript","funding_links":["https://github.com/sponsors/IgorGanapolsky","https://buymeacoffee.com/igorganapolsky","https://iganapolsky.gumroad.com/l/tjovof"],"categories":["Cloud Infrastructure"],"sub_categories":["🔒 Security"],"readme":"# ThumbGate\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://thumbgate.ai\"\u003e\n    \u003cimg src=\"public/assets/brand/thumbgate-icon-512.png\" alt=\"ThumbGate\" width=\"128\" height=\"128\" /\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n**AI coding agents repeat mistakes — and one wrong tool call can wipe a directory, leak a key, or push broken code.**\n\nThumbGate is the local-first firewall for AI coding agents. It runs in the PreToolUse hook on your machine and blocks dangerous tool calls — `rm -rf`, secret exfiltration, off-scope edits, a bad `git push` — before they execute, across Claude Code, Cursor, Codex, Gemini, Amp, Cline, and OpenCode. No server, no gateway. (Regulated-industry policy templates — legal intake, financial compliance, healthcare — build on the same engine.)\n\nThe product is a self-improving enforcement layer: thumbs-down feedback, prompt evaluation, and proof from prior runs become prevention rules that permanently stop repeated failures before the next tool call.\n\n```\n  Agent tries:   rm -rf tests/\n  ThumbGate:     ⛔ BLOCKED — \"Never delete test directories\"\n                 Pattern matched: rm.*-rf.*tests\n                 Source: your thumbs-down from last Tuesday\n                 Tokens spent on this repeat: 0\n```\n\n```bash\nnpx thumbgate init   # auto-detects your agent, wires hooks, 30 seconds\n```\n\nWorks with **Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode** and any MCP-compatible agent. Free tier: 5 feedback captures/day (25 total) and up to 3 active auto-promoted prevention rules. [Pro: $19/mo or $149/yr](https://thumbgate.ai/checkout/pro?utm_source=github\u0026utm_medium=readme) — unlimited rules, history-aware lessons, feedback sessions, dashboard, DPO export. Enterprise (custom pricing, scoped after intake) adds a shared hosted lesson DB, org dashboard, and shared org-wide enforcement.\n\n[![CI](https://github.com/IgorGanapolsky/ThumbGate/actions/workflows/ci.yml/badge.svg)](https://github.com/IgorGanapolsky/ThumbGate/actions/workflows/ci.yml)\n[![npm](https://img.shields.io/npm/v/thumbgate)](https://www.npmjs.com/package/thumbgate)\n[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)\n\n---\n\n\u003e *\"A better dashboard doesn't make the agents more reliable. The hard part isn't visibility. It's trust.\"*\n\u003e\n\u003e — **Rob May**, CEO \u0026 co-founder, Neurometric AI, quoted in [The New Stack](https://thenewstack.io/claude-code-agent-view/) on Anthropic's Claude Code Agent View (May 2026).\n\u003e\n\u003e ThumbGate is the open-source layer that makes the trust part real: PreToolUse gates, thumbs-down to rule, audit trail on every interception.\n\n---\n\n## Agentic development cycle fit\n\nAgentic development is becoming a loop: **Guide → Generate → Verify → Solve**. ThumbGate gives that loop a hard execution boundary.\n\n- **Guide:** standards, prior thumbs-downs, and approval policies become concrete context.\n- **Generate:** Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode, and MCP agents keep producing plans and tool calls.\n- **Verify:** risky actions need evidence before execution, not just after PR review.\n- **Solve:** blocked failures become reusable lessons, shared prevention rules, DPO exports, and audit events.\n\nIn that stack, ThumbGate is the pre-action gate between generated intent and executed action.\n\n---\n\n## Discoverable slash-commands — the guardrail layer for spec-driven agents\n\nSpec-driven agent frameworks like **GSD** (get-shit-done) and **GitHub Spec Kit** are great at *planning and generating* work — they expose dozens of discoverable `/gsd-*` / `/specify` commands in the agent command palette. ThumbGate is the **guardrail layer for spec-driven agents**: it sits *after* the plan, on the boundary between a generated tool call and its execution. It works **alongside GSD / Spec-Kit, not instead of them** — they decide *what* to build; ThumbGate enforces *what the agent must never do while building it*.\n\n`npx thumbgate init` installs these commands into your agent's palette (`.claude/commands/`, `.gemini/commands/`, `.antigravitycli/commands/`) so the enforcement layer is as browsable as the planning layer:\n\n| Command | What it does | Wraps (existing capability) |\n|---------|--------------|------------------------------|\n| `/thumbgate-guard` | Turn the last agent mistake into a hard prevention rule | `capture_feedback` + `thumbgate force-gate` |\n| `/thumbgate-rules` | List the active prevention rules + lessons guarding this repo | `prevention_rules`, `get_reliability_rules`, `search_lessons` |\n| `/thumbgate-blocked` | Show what's actually been blocked — gate stats + enforcement matrix | `gate_stats`, `enforcement_matrix` |\n| `/thumbgate-protect` | Show branch/release governance; grant a scoped, expiring approval | `get_branch_governance`, `approve_protected_action` |\n| `/thumbgate-doctor` | Health-check the wiring (hooks, MCP, agent-readiness) | `thumbgate doctor` |\n\nEach is a thin wrapper over an existing MCP tool or CLI command — **no new enforcement logic, just discoverability**.\n\n---\n\n## 🎬 90-second demo\n\nWatch the force-push scenario: agent tries to `git push --force`, one thumbs-down, next session it's blocked — zero tokens spent on the repeat.\n\n[**▶ Watch the 90-second demo**](https://thumbgate.ai/#demo?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=demo_video) · [Script](docs/marketing/demo-video-script.md) · [ElevenLabs narration: `npm run demo:voiceover`](scripts/generate-demo-voiceover.js)\n\n\u003c!-- Video embed lives on the landing page and YouTube. Script + voiceover automation ship with the repo so anyone can re-record. --\u003e\n\n---\n\n## First-dollar activation path\n\nIf someone is not already bought into ThumbGate, do not lead with architecture. Lead with one repeated mistake.\n\n1. **Show the pain:** open the **[ThumbGate GPT](https://thumbgate.ai/go/gpt?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=first_dollar_activation\u0026cta_id=readme_first_dollar_open_gpt\u0026cta_placement=readme_first_dollar)** and paste the bad answer, risky command, deploy, PR action, or agent plan before it runs again.\n2. **Capture the lesson:** type `thumbs down:` or `thumbs up:` with one concrete sentence. Native ChatGPT rating buttons are not the ThumbGate capture path; typed feedback is.\n3. **Enforce the repeat:** run `npx thumbgate init` where the agent executes so the lesson can become one of your Pre-Action Checks instead of another reminder.\n4. **Upgrade only after proof:** Solo Pro is for the dashboard, DPO export, proof-ready evidence, and higher capture limits after one real blocked repeat. Team starts with the Workflow Hardening Sprint around one repeated failure, one owner, and one proof review.\n\nThe buying question is simple: **what repeated AI mistake would be worth blocking before the next tool call?**\n\n---\n\n## The Problem — the bill nobody talks about\n\nFrontier-model calls are not cheap. Sonnet 4.5 is ~$3 / 1M input tokens and ~$15 / 1M output tokens. Opus is 5× that. Every time your agent:\n\n- hallucinates a function name and you have to correct it,\n- retries the same failing tool call until it gives up,\n- regenerates a 4,000-token plan you already approved last session,\n- repeats a destructive command you blocked manually yesterday,\n\n…you are paying for that round-trip. *Twice if it retries. Three times if you re-prompt.* And the agent has no memory across sessions, so the meter resets every Monday.\n\n```\nSession 1:  Agent force-pushes to main.     You fix it.    +4,200 tokens\nSession 2:  Agent force-pushes again.       You fix it.    +4,200 tokens\nSession 3:  Same mistake. Again.            You lose 45m.  +5,800 tokens\n```\n\nThat's ~$0.21 in tokens just to fix the same mistake three times — multiplied by every developer, every repeated-mistake class, every week. The math gets ugly fast.\n\n## The Solution — fix it once, the bill never sees it again\n\n```\nSession 1:  Agent force-pushes to main.     You 👎 it.       +4,200 tokens\nSession 2:  ⛔ Check blocks the force-push.  Zero round-trip. +0 tokens\nSession 3+: Never happens again.                              +0 tokens\n```\n\nOne thumbs-down. The PreToolUse hook intercepts the call **before** it reaches the model — no input tokens, no output tokens, no retry loop. The dashboard tracks **tokens saved this week** as a live counter so you can see exactly what your prevention rules are worth. Mark a review checkpoint once, and the dashboard narrows the next pass to only the feedback, lessons, and check blocks that landed since your last review.\n\nThumbGate doesn't make your agent smarter. It makes your agent *cheaper to be wrong with.*\n\n---\n\n## 🧠 The Context Brain\n\nEvery coding agent starts each session amnesiac — it has no memory of the mistakes it made yesterday, the fixes your team already rejected, or the rules this repo enforces. So it repeats them, and you pay for it again.\n\nThumbGate gives your repo a **context brain**: a single, versioned, agent-readable artifact that consolidates everything the agent should know *before it acts* — the lessons it has learned, the guardrails it must not cross, the gates that are enforced, and the project's own instruction files.\n\n```bash\nnpx thumbgate brain --write     # → .thumbgate/BRAIN.md\n```\n\nThen point your agent at it — add `Read .thumbgate/BRAIN.md first` to your `CLAUDE.md` / `AGENTS.md`, and every Claude Code, Codex, Cursor, or Gemini CLI session boots with your repo's institutional memory already loaded. The output is **deterministic**, so `BRAIN.md` lives in git and only changes when the underlying memory does — review it like any other file.\n\n```\n# ThumbGate Context Brain\n## What this codebase taught its agents (lessons)\n- ⛔ Force-pushing to main was rejected — use --force-with-lease on feature branches only\n## Guardrails — do NOT repeat these (prevention rules)\n- Never run DROP on production tables\n## Active enforcement (gates)\n- `DROP.*production` → block\n```\n\nSame idea the SEO world is now calling a *\"client brain\"* — persistent context that AI reads before doing the work — applied to **engineering**: the institutional memory that stops your coding agent from relearning the same lesson on your dime.\n\n---\n\n## Quick Start\n\n```bash\nnpx thumbgate init                                                         # auto-detects your agent, wires everything\nnpx thumbgate capture down \"Never run DROP on production tables\"\n```\n\nThat single command creates a prevention rule. Next time any AI agent tries to run `DROP` on production:\n\n```\n⛔ Check blocked: \"Never run DROP on production tables\"\n   Pattern: DROP.*production\n   Verdict: BLOCK\n```\n\n---\n\n## Architecture\n\nThumbGate operates as a 4-layer enforcement stack between your AI agent and your codebase:\n\n![ThumbGate Architecture](docs/diagrams/thumbgate_architecture.png)\n\n### Layer 1: Feedback Capture\nYour thumbs-up/down reactions are captured via MCP protocol, CLI, or the ChatGPT GPT surface. Each reaction is stored as a structured lesson with context, timestamp, and severity.\n\n### Layer 2: Check Engine\nThe check engine converts lessons into enforceable rules. **The runtime gate decision is deterministic** — literal pattern match → AST match → scoped rule lookup. No LLM call on the enforcement path.\n\nWhere retrieval is needed (an agent is about to run a destructive command not on the literal block list, but semantically similar to one we've blocked before), ThumbGate uses local CPU-only `bge-small` embeddings via LanceDB's built-in pipeline. No external API call, no inference cost beyond CPU. So **\"no LLM in enforcement\"** holds: the gate decision uses no LLM; the rule corpus is just searchable via local embeddings.\n\n**Thompson Sampling tunes per-rule confidence weights** for soft-gating rules so high-noise rules quiet down and high-signal rules sharpen. It never decides *whether* a rule fires — a hard rule like \"block `git push --force` on main\" always fires deterministically. Bandit exploration would be terrifying for hard rules; we don't do it.\n\nRules stay in local ThumbGate runtime state.\n\n### Layer 3: Pre-Action Interception\nBefore any agent action executes, ThumbGate's `PreToolUse` hook intercepts the command and evaluates it against all active checks. This happens at the MCP protocol level — the agent physically cannot bypass it.\n\n### Layer 4: Multi-Agent Distribution (the actual moat vs hand-rolled hooks)\nClaude Code already ships `permissions.deny` and `PreToolUse` hooks. Cursor and Codex have their own. So why ThumbGate over a hand-written hook?\n\nTwo things hand-written hooks structurally cannot do:\n\n1. **Cross-agent propagation.** A `permissions.deny` pattern lives in one agent's config and stays there. ThumbGate's checks distribute across every connected agent over MCP stdio — thumbs-down once in Cursor, the same pattern blocks on Claude Code, Codex, Gemini CLI, Cline, OpenCode, Amp in the next session, no copy-paste between configs.\n2. **Learning loop.** A hand-written hook covers exactly the patterns you wrote. ThumbGate promotes every thumbs-down into a fresh rule, tunes existing rules' confidence weights from outcomes (Thompson Sampling, see Layer 2), and pulls semantically-near patterns into scope via local embeddings. The rule corpus sharpens without an operator hand-writing a regex for every new mistake shape.\n\nHand-rolled hooks are the right tool for a small, static denylist you maintain by hand. ThumbGate is the right tool when you want corrections from any agent to harden every agent automatically.\n\nPrompt engineering still matters, but it is only the starting point. ThumbGate adds prompt evaluation on top: proof lanes, benchmarks, and self-heal checks tell you whether your prompt and workflow actually held up under execution instead of leaving you to guess from vibes. Run `npx thumbgate eval --from-feedback --write-report=.thumbgate/prompt-eval-proof.md` to turn real thumbs-up/down feedback into reusable eval cases and a buyer-ready proof report.\n\n### Retrieval \u0026 latency: local-first, zero network hops\n\nThumbGate's latency advantage is structural, not a tuned cloud cluster: there is no retrieval service and no model on the enforcement path, so the gate decision never leaves your machine.\n\n```mermaid\nflowchart LR\n    A[\"Agent about to run\u003cbr/\u003ea tool call\"] --\u003e B{\"Literal / AST match\u003cbr/\u003eon an active rule?\"}\n    B -- \"exact match\" --\u003e D[\"Deterministic gate decision\u003cbr/\u003e(no model, on-device)\"]\n    B -- \"no exact match, but\u003cbr/\u003esemantically near a\u003cbr/\u003eblocked pattern\" --\u003e C[\"Local CPU embeddings\u003cbr/\u003ebge-small via LanceDB\u003cbr/\u003e(no external API)\"]\n    C --\u003e D\n    D -- \"known-bad\" --\u003e E[\"⛔ BLOCK before execution\"]\n    D -- \"safe\" --\u003e F[\"✓ Allow\"]\n```\n\n- **Deterministic first.** Most decisions are a literal or AST pattern match against your active rules — sub-millisecond, on-device, no embeddings.\n- **Local semantic fallback.** When an action isn't on the literal block list but is semantically near one you've blocked before, ThumbGate searches the rule corpus with CPU-only `bge-small` embeddings via LanceDB — still local, still no external API call.\n- **No LLM on the enforcement path.** The gate never calls a model to decide block/allow. Thompson Sampling only tunes soft-rule confidence weights; hard rules always fire deterministically (see Layer 2).\n\nThe fastest network round-trip is the one you never make: enforcement is fully local, so it adds negligible latency to the agent loop — no cloud retrieval, no inference hop, no data leaving the machine.\n\n### Managed model benchmark lane\n\nWhen a new managed model drops, do not swap ThumbGate over on vendor claims alone. Rank it against the actual ThumbGate workload first:\n\n```bash\nnpx thumbgate model-candidates --workload=pretool-gating --json\nnpx thumbgate model-candidates --workload=long-trace-review --provider=openai-compatible --gateway=tinker --json\n```\n\nThe catalog currently includes the April 23, 2026 Tinker additions:\n\n- `tinker/qwen3.6-35b-a3b` for pre-action gating, agentic coding, and tool-use\n- `tinker/qwen3.6-27b` for the cheap fast-path\n- `tinker/kimi-k2.6-128k` for long-trace review and multi-agent sessions\n\nEach recommendation ships with the benchmark commands to run next: feedback-derived prompt eval, `gate-eval`, and `thumbgate bench`. For whole-repo clone claims, add `npx thumbgate bench --programbench-smoke` to generate a ProgramBench-style cleanroom proof report without claiming an official ProgramBench score. That keeps model selection evidence-backed instead of hype-driven.\n\n![Feedback Pipeline](docs/diagrams/feedback_pipeline.png)\n\n![Agent Integration](docs/diagrams/agent_integration.png)\n\n---\n\n## Install for Your Agent\n\n| Agent | Command |\n|-------|---------|\n| **Claude Code** | `npx thumbgate init --agent claude-code` |\n| **Cursor** | `npx thumbgate init --agent cursor` |\n| **VS Code / Open VSX** | [plugins/vscode-extension/README.md](plugins/vscode-extension/README.md) |\n| **Antigravity-compatible** | [plugins/antigravity-extension/INSTALL.md](plugins/antigravity-extension/INSTALL.md) |\n| **JetBrains** | [plugins/jetbrains-plugin/README.md](plugins/jetbrains-plugin/README.md) |\n| **Codex** | `npx thumbgate init --agent codex` |\n| **Gemini CLI** | `npx thumbgate init --agent gemini` |\n| **Amp** | `npx thumbgate init --agent amp` |\n| **Cline** (Roo Code successor) | `npx thumbgate init --agent cline` |\n| **Claude Desktop** | [Download extension bundle](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-desktop.mcpb) |\n| **Any MCP agent** | `npx thumbgate serve` |\n\nWorks with **Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode**, and any MCP-compatible agent. Migrating from Roo Code (sunsetting 2026-05-15)? See [`adapters/cline/INSTALL.md`](./adapters/cline/INSTALL.md).\n\n### Install scope: machine-wide vs per-project\n\nThumbGate supports two install scopes. Pick once when you install — you can switch later by re-running with the other flag.\n\n| Scope | Command | Settings file | Lesson DB + dashboard live in | When to use |\n|-------|---------|---------------|--------------------------------|-------------|\n| **Machine-wide** (default) | `npx thumbgate init` | `~/.claude/settings.json` | `~/.claude/memory/feedback/` | Solo dev — **one shared dashboard across every repo on this machine**. A lesson learned in `repo-A` blocks the same mistake in `repo-B` automatically. |\n| **Per-project** | `npx thumbgate init --project` (in the repo root) | `\u003crepo\u003e/.claude/settings.json` | `\u003crepo\u003e/.claude/memory/feedback/` | Client work, compliance, or multi-tenant — **separate dashboard per repo**, lessons stay isolated, audit trail belongs to the repo. |\n\nBoth scopes write `mcpServers.thumbgate` + the PreToolUse / UserPromptSubmit / PostToolUse / SessionStart hooks; the only difference is *where*. Machine-wide is the right default for most developers. Switch to `--project` only when you have a reason to keep lessons from bleeding between repos.\n\n\u003e Per-project lesson DBs live under each repo's `.claude/memory/feedback/` and **must stay gitignored** — they're a runtime store, not source. ThumbGate's bundled `.gitignore` template handles this.\n\n### Status bar proof\n\n![Claude Code ThumbGate footer](public/assets/claude-thumbgate-statusbar.svg)\n\n![Codex ThumbGate test lane](public/assets/codex-thumbgate-statusbar-test.svg)\n\nClaude renders the live ThumbGate footer today. `npx thumbgate init --agent codex` now installs the full Codex hook bundle and writes the ThumbGate `statusLine` target into `~/.codex/config.json` so you can test it on your local Codex build immediately.\n\n### Install Codex Plugin\n\nOpen the Codex plugin install page or download the standalone bundle from GitHub Releases. The Codex launcher resolves `thumbgate@latest` when MCP and hooks start, so published npm fixes reach active Codex installs without hand-editing `~/.codex/config.toml`.\n\n1. Install page: [thumbgate.ai/codex-plugin](https://thumbgate.ai/codex-plugin)\n2. Direct zip: [thumbgate-codex-plugin.zip](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip)\n3. Follow: [plugins/codex-profile/INSTALL.md](plugins/codex-profile/INSTALL.md)\n\n### Install ChatGPT App / GPT Action\n\nChatGPT is the advice, checkpointing, and typed-feedback surface; ThumbGate's hard enforcement still runs locally in Codex, Claude Code, Cursor, Gemini CLI, Amp, OpenCode, MCP, or CI after install.\n\n1. App page: [thumbgate.ai/chatgpt-app](https://thumbgate.ai/chatgpt-app)\n2. Live GPT: [thumbgate.ai/go/gpt](https://thumbgate.ai/go/gpt?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=chatgpt_app)\n3. GPT Action schema: [thumbgate.ai/openapi.yaml](https://thumbgate.ai/openapi.yaml)\n4. Follow: [adapters/chatgpt/INSTALL.md](adapters/chatgpt/INSTALL.md)\n\n---\n\n## How It Works\n\n```\n  STEP 1              STEP 2                 STEP 3\n  ────────            ────────               ────────\n\n  You react           ThumbGate learns       The check holds\n\n  👎 on a bad    ──►  Feedback becomes  ──►  Next time the\n  agent action        a saved lesson         agent tries the\n                      and a block rule       same thing:\n  👍 on a good   ──►  Good pattern gets      ⛔ BLOCKED\n  agent action        reinforced                 (or ✅ allowed)\n```\n\nNo manual rule-writing. No config files. Your reactions teach the agent what your team actually wants.\n\n---\n\nThumbGate sells three concrete outcomes:\n\n- **Prevent expensive AI mistakes** — catch bad commands, destructive database actions, unsafe publishes, and risky API calls before they run.\n- **Make AI stop repeating mistakes** — fix it once, turn the lesson into a rule, and block the repeat before the next tool call lands.\n- **Turn AI into a reliable operator** — move from a smart assistant that apologizes after damage to a production-ready operator with checkpoints, proof, and enforcement.\n- **Measure prompts instead of rewriting them blindly** — use `thumbgate eval --from-feedback`, proof lanes, ThumbGate Bench, and `self-heal:check` to evaluate whether prompts and workflows actually improved behavior.\n\n---\n\n## Use Cases\n\n### Developer Workflows\n- **Stop force-push to main** — Check blocks `git push --force` on protected branches before it runs\n- **Prevent repeated migration failures** — Each mistake becomes a searchable lesson that fires before the next attempt\n- **Block unauthorized file edits** — Control which files agents can touch with path-based rules\n- **Memory across sessions** — The agent remembers your feedback from yesterday\n- **Shared team safety** — One developer's thumbs-down protects the whole team\n- **Auto-improving without feedback** — Self-improvement mode evaluates outcomes and generates rules automatically\n\n### Enterprise \u0026 Regulated Industries\n- **Legal AI intake governance** — Block unauthorized practice of law (ABA Rule 5.5), require conflict-of-interest clearance before fact collection (Rules 1.7/1.9/1.10), prevent privileged content from leaving firm boundaries (Rule 1.6)\n- **Financial compliance** — Gate AI-generated trade recommendations, block unauthorized disclosures, enforce approval chains before customer-facing outputs\n- **Healthcare** — Prevent AI agents from providing medical diagnoses, enforce HIPAA-compliant data routing, require clinician review before patient-facing content\n- **Audit trail** — Every gate decision (block, allow, reroute) is preserved with rule version, timestamp, and reviewer path for compliance review\n\n[See the legal-intake demo →](https://thumbgate.ai/dashboard)\n\n---\n\n## Built-in Checks\n\n```\n⛔ force-push          → blocks git push --force\n⛔ protected-branch    → blocks direct push to main\n⛔ unresolved-threads  → blocks push with open reviews\n⛔ package-lock-reset  → blocks destructive lock edits\n⛔ env-file-edit       → blocks .env secret exposure\n\n+ custom prevention rules for project-specific failures\n```\n\n---\n\n## CLI Reference\n\n```bash\nnpx thumbgate init                                              # detect agent, wire hooks\nnpx thumbgate doctor                                            # health check\nnpx thumbgate capture up|down \"\u003ctext\u003e\"                         # capture a signal as a stored lesson (positional format)\nnpx thumbgate lessons                                           # see what's been learned\nnpx thumbgate brain --write                                     # build .thumbgate/BRAIN.md — the agent-readable context brain\nnpx thumbgate explore    # terminal explorer for lessons, checks, stats\nnpx thumbgate background-governance  # review background-agent run risk\nnpx thumbgate model-candidates --workload=dashboard-analysis --provider=openai --json  # evaluate GPT-5.5 routing\nnpx thumbgate native-messaging-audit  # inspect local browser bridges and extension hosts\nnpx thumbgate dashboard --open                                  # open local project-scoped dashboard in browser\nthumbgate-dashboard                                             # standalone browser dashboard shortcut (run '/project:thumbgate-dashboard' in Claude/Grok)\nnpx thumbgate serve      # start MCP server on stdio\nnpx thumbgate bench      # run reliability benchmark\nnpx thumbgate bench --programbench-smoke  # include cleanroom whole-repo proof lane\nnpx thumbgate break-glass --reason=\"ThumbGate over-fired\"  # short TTL recovery for gate over-fire\n```\n\n### Recovery if a gate over-fires\n\nThumbGate should block repeated unsafe actions, not trap the operator. If a noisy rule or stale memory pattern blocks the hook/settings change you need to recover, open a short-lived break-glass window:\n\n```bash\nnpx thumbgate break-glass --reason=\"ThumbGate over-fired and blocked operator recovery\"\n```\n\nWhat this unlocks for up to 5 minutes:\n\n- Edits to `.claude/settings.local.json`, `.claude/settings.json`, `.codex/config.toml`, and the same files inside nested workspaces.\n- The short-lived proof gates used for PR recovery: `pr_create_allowed` and `pr_threads_checked`.\n\nWhat stays gated:\n\n- Force pushes, protected-branch pushes, broad `rm -rf`, unsafe `chmod`, package publishes/releases, and local-only remote side effects.\n- Arbitrary protected files such as `README.md`, `AGENTS.md`, policy bundles, or credentials.\n\nVerify the recovery window and runtime health before continuing:\n\n```bash\nnpx thumbgate break-glass --reason=\"verify recovery path\" --json\nnpx thumbgate doctor\n```\n\nIf you change MCP or hook settings, restart the affected agent session so Claude Code, Cursor, Codex, or another runtime reloads `.mcp.json` and local settings.\n\n---\n\n## Pricing\n\n| | Free | Pro ($19/mo) | Enterprise |\n|---|---|---|---|\n| Local CLI + enforced checks | ✅ | ✅ | ✅ |\n| Feedback captures | 5/day (25 total) | Unlimited | Unlimited |\n| Active auto-promoted prevention rules | 3 | Unlimited | Unlimited |\n| MCP agent integrations | All | All | All |\n| Personal dashboard | — | ✅ | ✅ |\n| DPO export (model fine-tuning) | — | ✅ | ✅ |\n| Lesson export/import | — | ✅ | ✅ |\n| Shared hosted lesson DB | — | — | ✅ |\n| Org-wide dashboard | — | — | ✅ |\n| Approval + audit proof | — | — | ✅ |\n| Regulatory gate templates | — | — | ✅ |\n| Custom policy layers (firm/practice-area) | — | — | ✅ |\n| Compliance audit export | — | — | ✅ |\n| Dedicated onboarding + SLA | — | — | ✅ |\n\nThe free tier gives you 5 feedback captures/day (25 total) and up to 3 active auto-promoted prevention rules — enough to make ThumbGate part of your daily flow before you upgrade. MCP integrations for all agents (Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode) ship free.\n\nPro ($19/mo or $149/yr) removes the rule cap and adds history-aware lesson recall, lesson search, DPO export, and a personal dashboard. Enterprise (custom pricing, scoped after intake) adds a shared hosted lesson DB, org dashboard, and shared enforcement across the org, plus regulatory gate templates (legal intake, financial compliance, healthcare), custom policy layers scoped to firm/practice-area, compliance audit export, and dedicated onboarding with SLA.\n\n**Best first paid motion for teams:** the **Workflow Hardening Sprint** — qualify one repeated failure before committing to a full rollout. **[Start intake →](https://thumbgate.ai/?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=team_rollout#workflow-sprint-intake)**\n\n**Best first technical motion:** install the CLI-first and let `init` wire hooks for the agent you already use.\n\n**Paid path for individual operators:** [ThumbGate Pro](https://thumbgate.ai/checkout/pro?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=pro_page) is the self-serve side lane for a personal dashboard and export-ready evidence.\n\n**[Start free](https://thumbgate.ai/?utm_source=github\u0026utm_medium=readme)** · **[See Pro](https://thumbgate.ai/checkout/pro?utm_source=github\u0026utm_medium=readme)** · **[Team Sprint intake](https://thumbgate.ai/?utm_source=github\u0026utm_medium=readme#workflow-sprint-intake)**\n\n---\n\n## Team Lesson Sharing (Pro + Team)\n\nOne team's hard-won lessons shouldn't stay trapped on one laptop. ThumbGate Pro and Team can export lessons as portable bundles and import them into any other ThumbGate instance — so a mistake caught by Team A becomes a prevention rule for Team B.\n\n**Export lessons from one project:**\n\n```bash\ncurl -X POST http://localhost:3456/v1/lessons/export \\\n  -H \"Authorization: Bearer $THUMBGATE_API_KEY\" \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\"outputPath\": \"./lessons-export.json\"}'\n```\n\nFilter by signal or tags:\n\n```bash\ncurl -X POST http://localhost:3456/v1/lessons/export \\\n  -H \"Authorization: Bearer $THUMBGATE_API_KEY\" \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\"signal\": \"down\", \"tags\": [\"push-notifications\", \"ci\"]}'\n```\n\n**Import into another team's ThumbGate:**\n\n```bash\ncurl -X POST http://localhost:3456/v1/lessons/import \\\n  -H \"Authorization: Bearer $THUMBGATE_API_KEY\" \\\n  -H \"Content-Type: application/json\" \\\n  -d @lessons-export.json\n```\n\nWhat happens on import:\n- **Deduplication** — lessons with the same ID or title+signal are skipped\n- **Provenance tracking** — every imported lesson is tagged `team-import` with original source project, export timestamp, and original ID\n- **No overwrite** — import is additive; existing lessons are never modified\n\nThe export bundle includes full lesson metadata: signal, title, context, tags, failure type, skill, structured rules, and diagnosis. It's the same data you see in the lesson detail dashboard — portable as JSON.\n\n**Use cases:**\n- Share enforcement patterns across repos in the same org\n- Onboard a new team with pre-built lessons from a mature project\n- Export lessons before a project handoff so institutional knowledge transfers\n- Feed lessons from multiple teams into a centralized DPO training pipeline\n\n---\n\n## DPO Export for Fine-Tuning (Pro + Team)\n\nEvery thumbs-up and thumbs-down becomes a training signal. ThumbGate Pro exports your captured feedback as DPO (Direct Preference Optimization) pairs — ready to feed into a LoRA fine-tune so your model stops repeating known mistakes at the weight level, not just the check level.\n\n**Export DPO pairs:**\n\n```bash\ncurl -X POST http://localhost:3456/v1/dpo/export \\\n  -H \"Authorization: Bearer $THUMBGATE_API_KEY\" \\\n  -o dpo-pairs.jsonl\n```\n\n**What you get:** JSONL where each line is a preference pair:\n- `chosen` — the agent action you thumbed up\n- `rejected` — the action you thumbed down for the same task context\n- `prompt` — the originating user intent\n\n**Use cases:**\n- Fine-tune Llama 3 / Mistral / local models with a LoRA adapter trained on your real mistakes\n- Feed into RLAIF or KTO pipelines (KTO export also available via `/v1/kto/export`)\n- Build a model that natively avoids your team's known failure patterns — no check at inference time needed\n\n**Why this matters:** Checks block mistakes. Fine-tuning prevents them from being attempted. Combine both for belt-and-suspenders governance.\n\n---\n\n## Tech Stack\n\n| Layer | Technology |\n|-------|-----------|\n| **Storage** | SQLite + FTS5, LanceDB vectors, JSONL logs |\n| **Capture** | 5/day, 25 total on Free; unlimited on Pro, Team, and Enterprise |\n| **Intelligence** | MemAlign dual recall, Thompson Sampling |\n| **Enforcement** | PreToolUse hook engine, Checks config |\n| **Interfaces** | MCP stdio, HTTP API, CLI (Node.js \u003e=18) |\n| **Billing** | Stripe |\n| **Execution** | Railway, Cloudflare Workers, Docker Sandboxes |\n| **Governance** | Workflow Sentinel, control plane, Docker Sandboxes |\n\nEvery Changeset is tied to the exact `main` merge commit and generates Verification Evidence for Release Confidence.\n\n---\n\n**Popular buyer questions:** **[AI search topical presence](https://thumbgate.ai/guides/ai-search-topical-presence?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Relational knowledge and AI recommendations](https://thumbgate.ai/guides/relational-knowledge-ai-recommendations?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Background agent governance](https://thumbgate.ai/guides/background-agent-governance?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[GPT-5.5 model evaluation](https://thumbgate.ai/guides/gpt-5-5-model-evaluation?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Stop repeated AI agent mistakes](https://thumbgate.ai/guides/stop-repeated-ai-agent-mistakes?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Browser automation safety](https://thumbgate.ai/guides/browser-automation-safety?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Native messaging host security](https://thumbgate.ai/guides/native-messaging-host-security?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Autoresearch agent safety](https://thumbgate.ai/guides/autoresearch-agent-safety?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Cursor guardrails](https://thumbgate.ai/guides/cursor-agent-guardrails?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Codex CLI guardrails](https://thumbgate.ai/guides/codex-cli-guardrails?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Gemini CLI memory + enforcement](https://thumbgate.ai/guides/gemini-cli-feedback-memory?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Google Cloud MCP guardrails](https://thumbgate.ai/guides/gcp-mcp-guardrails?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[Roo Code alternative: migrate to Cline](https://thumbgate.ai/guides/roo-code-alternative-cline?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)**\n\n**Conversational ad / AI-search answer assets:** **[AI Mode ads for agent governance](https://thumbgate.ai/guides/ai-mode-ads-agent-governance?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[MCP tool governance](https://thumbgate.ai/guides/mcp-tool-governance?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)** · **[AI agent pre-action approval gates](https://thumbgate.ai/guides/ai-agent-pre-action-approval-gates?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=buyer_questions)**\n\n**[Workflow Hardening Sprint](https://thumbgate.ai/?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=top_cta#workflow-sprint-intake)** · **[Live Dashboard](https://thumbgate.ai/dashboard?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=top_cta)**\n\n---\n\n## Integrations\n\n- **[ChatGPT App / GPT Action](https://thumbgate.ai/chatgpt-app)** — First-class ChatGPT distribution page with the live GPT, public OpenAPI Action schema, and local enforcement install path\n- **[Open ThumbGate GPT](https://thumbgate.ai/go/gpt?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=readme_gpt)** — ThumbGate GPT: start here. Paste agent actions, get advice + checkpointing. No, users do not have to keep chatting inside the ThumbGate GPT to use ThumbGate — the hard enforcement layer still runs where the work happens.\n- **[Claude Desktop Extension](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-desktop.mcpb)** — One-click install for Claude Desktop\n- **[Codex Plugin](https://thumbgate.ai/codex-plugin)** — Auto-updating standalone bundle and install page for Codex CLI\n- **[VS Code / Open VSX Extension](plugins/vscode-extension/README.md)** — Marketplace-ready MCP provider and `.vscode/mcp.json` fallback for VS Code-compatible IDEs\n- **[Antigravity-compatible VSIX](plugins/antigravity-extension/INSTALL.md)** — Open VSX/direct VSIX install path while Antigravity-specific marketplace support is still unproven\n- **[JetBrains Plugin Scaffold](plugins/jetbrains-plugin/README.md)** — IntelliJ/PyCharm Marketplace path for the same `thumbgate@latest` runtime\n- **[Perplexity Command Center](docs/PERPLEXITY_MAX_COMMAND_CENTER.md)** — AI-search visibility + lead discovery\n- **[ThumbGate Bench](docs/THUMBGATE_BENCH.md)** — Reliability benchmark and ProgramBench-style cleanroom proof lane\n- **[Manus AI Skill](skills/thumbgate/SKILL.md)** — ThumbGate integration for Manus AI agents\n\n---\n\n## Feedback Sessions\n\nGive the agent more context when a thumbs-down isn't enough:\n\n```\n👎 thumbs down\n  └─► open_feedback_session\n        └─► \"you lied about deployment\"    (append_feedback_context)\n        └─► \"tests were actually failing\"  (append_feedback_context)\n        └─► finalize_feedback_session\n              └─► lesson inferred from full conversation\n```\n\nFree and self-hosted users can invoke `search_lessons` directly through MCP, and via the CLI with `npx thumbgate lessons`. History-aware feedback sessions give the agent full context for each lesson.\n\n---\n\n## Enterprise Data Chat and Optional Google Adapters\n\nThe Enterprise dashboard chat is local/open-source first: it answers over local ThumbGate data using lesson retrieval, LanceDB-backed vectors, and your configured LLM. Set `THUMBGATE_LOCAL_LLM_ENDPOINT` to an OpenAI-compatible local endpoint (Ollama, llama.cpp, vLLM, LM Studio, etc.) when you want generated answers without sending dashboard data to Google.\n\nGoogle Cloud is an optional regulated-enterprise adapter, not a dashboard chatbot requirement. If a buyer already standardizes on Vertex AI or Dialogflow CX, ThumbGate can verify that posture and deploy guard adapters in their tenancy.\n\n### Optional Vertex Setup\nTo wire local ThumbGate scoring to Vertex AI, run:\n```bash\nnpx thumbgate setup-vertex\n```\n* **Auto-Discovery:** Automatically detects your active authenticated `gcloud` session and active project ID.\n* **Auto-Enablement:** Programmatically enables the Vertex AI API in your project.\n* **Auto-Configuration:** Writes local Vertex routing settings to your `.env` file.\n\nThis command does **not** create or verify a live Dialogflow CX agent. Dialogflow is only relevant when a customer wants ThumbGate guard adapters in front of their own production DFCX agents. On current Google Cloud CLI installs, the old alpha gcloud CX command group is not available; verify Conversational Agents / Dialogflow CX with the Google Cloud console or the official Dialogflow CX REST API (`projects.locations.agents`) before claiming a live DFCX deployment.\n\n### Zero-Friction Cost Containment ($10/mo Hard Cap)\nGoogle Cloud budget alerts are \"alert-only\" and do not stop API traffic, risking unexpected bill shock. ThumbGate completely resolves this on the client side:\n* **Instant Shutdown:** ThumbGate maintains a lightweight, local token ledger and instantly halts outgoing API traffic the millisecond your monthly token spending approaches the **$10 limit** (500k tokens of Gemini 1.5 Flash).\n* **Bypasses extra shutdown plumbing:** Requires no Pub/Sub or Cloud Functions for the local ThumbGate-side stop condition. You still need normal Google Cloud billing/API setup and live-agent verification for DFCX pilots.\n\n---\n\n## FAQ\n\n**Is ThumbGate a model fine-tuning tool?**\nNo. ThumbGate does not update model weights. It captures feedback, stores lessons, injects context at runtime, and blocks bad actions before they execute.\n\n**How is this different from CLAUDE.md or .cursorrules?**\nThose are suggestions the agent can ignore. ThumbGate checks are enforced — they physically block the action before it runs. They also auto-generate from feedback instead of requiring manual writing.\n\n**Does it work with my agent?**\nIf it supports MCP or pre-action hooks, yes. Claude Code, Claude Desktop, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode all work out of the box.\n\n**Is it free?**\nThe free tier gives you 5 feedback captures/day, 25 total captures, and up to 3 active auto-promoted prevention rules — enough for solo devs to prove a blocked repeat before upgrading. MCP integrations ship free for every agent.\n\nPro ($19/mo or $149/yr) removes the rule cap and adds history-aware lesson recall, lesson search, and a personal dashboard. Enterprise (custom pricing, scoped after intake) adds a shared hosted lesson DB, org dashboard, and shared enforcement.\n\n---\n\n## Docs\n\n- [**ThumbGate for Federal Agencies**](docs/FEDERAL.md) — pilot-ready posture, NIST 800-53 control mapping, OMB M-24-10 / EO 14110 alignment, ThumbGate-Core gov deployment mode, public/Core boundary invariants. Landing page: [thumbgate.ai/federal](https://thumbgate.ai/federal).\n- [First Dollar Playbook](docs/FIRST_DOLLAR_PLAYBOOK.md) — turning one painful workflow into the next booked pilot\n- [Commercial Truth](docs/COMMERCIAL_TRUTH.md) — pricing, claims, what we don't say\n- [Goal Contracts](docs/GOAL_CONTRACTS.md) — evidence-before-done contracts for multi-agent handoffs\n- [Changeset Strategy](docs/CHANGESET_STRATEGY.md) — release notes and version bump enforcement\n- [Release Confidence](docs/RELEASE_CONFIDENCE.md) — changesets, version checks, proof lanes\n- [Verification Evidence](docs/VERIFICATION_EVIDENCE.md) — proof artifacts\n- [Claude Desktop Extension Guide](docs/CLAUDE_DESKTOP_EXTENSION.md)\n- [Agent Workflow Contract](WORKFLOW.md) — the agent-run contract for all ThumbGate operations\n- [Ready for Agent Intake](https://github.com/IgorGanapolsky/ThumbGate/issues/new?template=ready-for-agent.yml) — ready-for-agent intake template\n- [SEO Guide: Claude Code Guardrails](docs/learn/claude-code-guardrails.md)\n- [Unsupervised Learning Signals](docs/UL.md) — silent-failure clustering (**on by default** as of 2026-05-21; opt out via `THUMBGATE_SILENT_FAILURE_CLUSTERING=0`; only meaningfully active on workspaces with ≥ 50 tool calls/day)\n- [ThumbGate-Core](https://github.com/IgorGanapolsky/ThumbGate-Core) — private core for hosted overlays, ranking, policy synthesis, billing intelligence, and org/team workflows\n\n---\n\n## License\n\nMIT. See [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FIgorGanapolsky%2FThumbGate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FIgorGanapolsky%2FThumbGate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FIgorGanapolsky%2FThumbGate/lists"}