thumbgate 1.14.1 → 1.16.0

package/public/compare.html

@@ -3,13 +3,13 @@
 <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Best Pre-Action Gate Tools for AI Coding Agents (2026 Comparison)</title>
+<title>Best Pre-Action Check Tools for AI Coding Agents (2026 Comparison)</title>
 <!-- Privacy-friendly analytics by Plausible -->
 <script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
-<meta name="description" content="Compare pre-action gate tools that prevent AI coding agents from making costly mistakes. ThumbGate vs manual review vs post-hoc fixes.">
-<meta name="keywords" content="AI agent safety, pre-action gates, AI coding agent comparison, ThumbGate vs manual review, AI agent guardrails, PreToolUse hooks, Claude Code safety, Codex safety, Gemini safety, Cursor rules alternative">
-<meta property="og:title" content="Best Pre-Action Gate Tools for AI Coding Agents (2026 Comparison)">
-<meta property="og:description" content="Compare pre-action gate tools that prevent AI coding agents from making costly mistakes. ThumbGate vs manual review vs post-hoc fixes.">
+<meta name="description" content="Compare pre-action check tools that prevent AI coding agents from making costly mistakes. ThumbGate vs manual review vs post-hoc fixes.">
+<meta name="keywords" content="AI agent safety, pre-action checks, AI coding agent comparison, ThumbGate vs manual review, AI agent guardrails, PreToolUse hooks, Claude Code safety, Codex safety, Gemini safety, Cursor rules alternative">
+<meta property="og:title" content="Best Pre-Action Check Tools for AI Coding Agents (2026 Comparison)">
+<meta property="og:description" content="Compare pre-action check tools that prevent AI coding agents from making costly mistakes. ThumbGate vs manual review vs post-hoc fixes.">
 <meta property="og:type" content="article">
 <meta property="og:url" content="https://thumbgate-production.up.railway.app/compare">
 <link rel="canonical" href="https://thumbgate-production.up.railway.app/compare">
@@ -18,8 +18,8 @@
 {
   "@context": "https://schema.org",
   "@type": "TechArticle",
-  "headline": "Best Pre-Action Gate Tools for AI Coding Agents (2026 Comparison)",
-  "description": "Compare pre-action gate tools that prevent AI coding agents from making costly mistakes. ThumbGate vs manual review vs post-hoc fixes vs Cursor rules vs linters.",
+  "headline": "Best Pre-Action Check Tools for AI Coding Agents (2026 Comparison)",
+  "description": "Compare pre-action check tools that prevent AI coding agents from making costly mistakes. ThumbGate vs manual review vs post-hoc fixes vs Cursor rules vs linters.",
   "author": {
     "@type": "Person",
     "name": "Igor Ganapolsky",
@@ -43,10 +43,10 @@
   "mainEntity": [
     {
       "@type": "Question",
-      "name": "What is a pre-action gate for AI coding agents?",
+      "name": "What is a pre-action check for AI coding agents?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "A pre-action gate is an enforcement layer that intercepts AI agent tool calls before they execute. Unlike prompt rules that agents can ignore, pre-action gates physically block dangerous actions such as force-pushing to main, deleting production files, or committing code with failing tests. ThumbGate implements pre-action gates via PreToolUse hooks that fire before every tool call."
+        "text": "A pre-action check is an enforcement layer that intercepts AI agent tool calls before they execute. Unlike prompt rules that agents can ignore, pre-action checks physically block dangerous actions such as force-pushing to main, deleting production files, or committing code with failing tests. ThumbGate implements pre-action checks via PreToolUse hooks that fire before every tool call."
       }
     },
     {
@@ -54,7 +54,7 @@
       "name": "Does ThumbGate work with Claude Code?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "Yes. ThumbGate works with Claude Code, Cursor, Codex, Gemini CLI, Amp, OpenCode, and any MCP-compatible agent. Run npx thumbgate init --agent claude-code to auto-configure PreToolUse hooks in your .claude/settings.json."
+        "text": "Yes. ThumbGate works with Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode, and any MCP-compatible agent. Run npx thumbgate init --agent claude-code to auto-configure PreToolUse hooks in your .claude/settings.json."
       }
     },
     {
@@ -78,7 +78,7 @@
       "name": "Can ThumbGate learn from mistakes automatically?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "Yes. When your AI agent makes a mistake, you give a thumbs-down with context. After repeated failures with the same pattern, ThumbGate auto-generates a prevention rule and wires it as a pre-action gate. Gates adapt their sensitivity over time using Thompson Sampling, a Bayesian multi-armed bandit algorithm."
+        "text": "Yes. When your AI agent makes a mistake, you give a thumbs-down with context. After repeated failures with the same pattern, ThumbGate auto-generates a prevention rule and wires it as a pre-action check. Checks adapt their sensitivity over time using Thompson Sampling, a Bayesian multi-armed bandit algorithm."
       }
     }
   ]
@@ -146,7 +146,7 @@
 <div class="container">
 <p class="breadcrumb"><a href="/">Home</a> / Compare</p>
 
-<h1>Best Pre-Action Gate Tools for AI Coding Agents (2026 Comparison)</h1>
+<h1>Best Pre-Action Check Tools for AI Coding Agents (2026 Comparison)</h1>
 <p style="color:var(--muted);">Your AI coding agent force-pushed to main again. Which tool actually prevents that? We compared the five most common approaches to AI agent safety.</p>
 
 <h2>Comparison Table</h2>
@@ -209,7 +209,7 @@
     <td class="no">No</td>
   </tr>
   <tr>
-    <td>Real-time pre-action gates</td>
+    <td>Real-time pre-action checks</td>
     <td class="yes">Yes -- fires before every tool call</td>
     <td class="no">No -- asynchronous review</td>
     <td class="no">No -- reactive only</td>
@@ -238,11 +238,17 @@
 <h2>Why ThumbGate Wins</h2>
 <ul>
   <li><strong>Enforcement, not suggestions.</strong> Prompt rules in CLAUDE.md or .cursorrules are instructions the agent can ignore. ThumbGate intercepts tool calls at the PreToolUse hook level and physically blocks dangerous actions before they execute.</li>
-  <li><strong>Learns and adapts automatically.</strong> Every thumbs-down becomes a data point. After repeated failures with the same pattern, ThumbGate auto-generates a prevention rule. Gates adapt their sensitivity over time using Thompson Sampling -- aggressive gates that over-block get tuned down, effective gates get reinforced.</li>
-  <li><strong>Works across all major AI coding agents.</strong> One install command covers Claude Code, Cursor, Codex, Gemini CLI, Amp, and OpenCode. No per-agent configuration needed.</li>
+  <li><strong>Learns and adapts automatically.</strong> Every thumbs-down becomes a data point. After repeated failures with the same pattern, ThumbGate auto-generates a prevention rule. Checks adapt their sensitivity over time using Thompson Sampling -- aggressive checks that over-block get tuned down, effective checks get reinforced.</li>
+  <li><strong>Works across all major AI coding agents.</strong> One install command covers Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, and OpenCode. No per-agent configuration needed.</li>
   <li><strong>Prevention is cheaper than recovery.</strong> Manual code review catches mistakes after the PR. Git revert catches them after the push. ThumbGate catches them before the tool call executes -- saving the time, context switches, and cleanup cost of undoing damage.</li>
 </ul>
 
+<div class="card">
+  <h3>Evaluating bigger orchestration platforms?</h3>
+  <p>Journey orchestration and AI workflow routing are different from execution enforcement. If you are comparing ThumbGate to a broader AI orchestration stack, start here.</p>
+  <p><a href="/compare/ai-experience-orchestration" class="cta">Read orchestration vs enforcement</a></p>
+</div>
+
 <h2>How It Works</h2>
 <div class="step-grid">
   <div class="step-card">
@@ -252,8 +258,8 @@
   </div>
   <div class="step-card">
     <div class="step-number">2</div>
-    <h3>Gate</h3>
-    <p>Every tool call your agent makes passes through a pre-action gate. Known-bad patterns are blocked before execution. Good actions pass through instantly.</p>
+    <h3>Check</h3>
+    <p>Every tool call your agent makes passes through a pre-action check. Known-bad patterns are blocked before execution. Good actions pass through instantly.</p>
   </div>
   <div class="step-card">
     <div class="step-number">3</div>
@@ -276,18 +282,18 @@
 <h2>Frequently Asked Questions</h2>
 
 <div class="card">
-  <h3>What is a pre-action gate?</h3>
-  <p>A pre-action gate is an enforcement layer that intercepts AI agent tool calls before they execute. Unlike prompt rules that agents can ignore, pre-action gates physically block dangerous actions such as force-pushing to main, deleting production files, or committing code with failing tests.</p>
+  <h3>What is a pre-action check?</h3>
+  <p>A pre-action check is an enforcement layer that intercepts AI agent tool calls before they execute. Unlike prompt rules that agents can ignore, pre-action checks physically block dangerous actions such as force-pushing to main, deleting production files, or committing code with failing tests.</p>
 </div>
 
 <div class="card">
   <h3>Does ThumbGate work with Claude Code?</h3>
-  <p>Yes. ThumbGate works with Claude Code, Cursor, Codex, Gemini CLI, Amp, OpenCode, and any MCP-compatible agent. Run <code>npx thumbgate init --agent claude-code</code> to auto-configure PreToolUse hooks.</p>
+  <p>Yes. ThumbGate works with Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode, and any MCP-compatible agent. Run <code>npx thumbgate init --agent claude-code</code> to auto-configure PreToolUse hooks.</p>
 </div>
 
 <div class="card">
   <h3>Is ThumbGate free?</h3>
-  <p>ThumbGate has a free tier that includes local enforcement with 3 daily feedback captures, 5 lesson searches, unlimited recall, and pre-action gate blocking. Pro ($19/mo or $149/yr) adds a personal local dashboard and DPO export. Team rollout ($49/seat/mo) adds a shared lesson database and org dashboard.</p>
+  <p>ThumbGate has a free tier that includes local enforcement with 3 daily feedback captures, 5 lesson searches, unlimited recall, and pre-action check blocking. Pro ($19/mo or $149/yr) adds a personal local dashboard and DPO export. Team rollout ($49/seat/mo) adds a shared lesson database and org dashboard.</p>
 </div>
 
 <div class="card">
@@ -297,13 +303,13 @@
 
 <div class="card">
   <h3>Can ThumbGate learn from mistakes automatically?</h3>
-  <p>Yes. When your AI agent makes a mistake, give a thumbs-down with context. In the current Claude auto-capture path, vague negative signals can reuse up to 8 prior recorded entries plus the failed tool call, then stay linked to a 60-second follow-up session. After repeated failures with the same pattern, ThumbGate auto-generates a prevention rule and wires it as a pre-action gate. Gates adapt over time using Thompson Sampling, a Bayesian multi-armed bandit algorithm.</p>
+  <p>Yes. When your AI agent makes a mistake, give a thumbs-down with context. In the current Claude auto-capture path, vague negative signals can reuse up to 8 prior recorded entries plus the failed tool call, then stay linked to a 60-second follow-up session. After repeated failures with the same pattern, ThumbGate auto-generates a prevention rule and wires it as a pre-action check. Checks adapt over time using Thompson Sampling, a Bayesian multi-armed bandit algorithm.</p>
 </div>
 
 </div>
 
 <footer>
-  <p>ThumbGate -- Pre-action gates for AI coding agents</p>
+  <p>ThumbGate -- Pre-action checks for AI coding agents</p>
   <p><a href="https://github.com/IgorGanapolsky/ThumbGate">GitHub</a> | <a href="https://www.npmjs.com/package/thumbgate">npm</a> | <a href="/guide">Guide</a> | <a href="/dashboard">Dashboard</a></p>
 </footer>
 </body>

package/public/dashboard.html

@@ -4,13 +4,33 @@
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
 <title>ThumbGate Dashboard — Gate Stats, Approval Rate, Prevention Impact</title>
-<meta name="description" content="Live dashboard showing gate enforcement stats, approval rate trends, prevention impact, and system health for ThumbGate pre-action gates.">
+<meta name="description" content="Live dashboard showing gate enforcement stats, approval rate trends, prevention impact, and system health for ThumbGate pre-action checks.">
 <link rel="canonical" href="https://thumbgate-production.up.railway.app/dashboard">
 <link rel="icon" type="image/png" href="/thumbgate-icon.png">
 <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg">
 <meta name="robots" content="noindex">
 <!-- Privacy-friendly analytics by Plausible -->
 <script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
+<script type="application/ld+json">
+{
+  "@context": "https://schema.org",
+  "@type": "WebApplication",
+  "name": "ThumbGate Dashboard",
+  "applicationCategory": "DeveloperApplication",
+  "operatingSystem": "Cross-platform",
+  "url": "https://thumbgate-production.up.railway.app/dashboard",
+  "dateModified": "2026-04-20",
+  "creator": {
+    "@type": "Person",
+    "name": "Igor Ganapolsky",
+    "url": "https://github.com/IgorGanapolsky",
+    "sameAs": [
+      "https://github.com/IgorGanapolsky",
+      "https://www.linkedin.com/in/igorganapolsky"
+    ]
+  }
+}
+</script>
 <script src="https://cdn.jsdelivr.net/npm/chart.js@4.4.7/dist/chart.umd.min.js"></script>
 <style>
   *, *::before, *::after { margin: 0; padding: 0; box-sizing: border-box; }
@@ -200,7 +220,8 @@
 
   <div style="margin:0 0 24px;padding:24px;background:linear-gradient(135deg,rgba(34,211,238,0.08),rgba(74,222,128,0.05));border:1px solid rgba(34,211,238,0.2);border-radius:12px;">
     <h1 style="font-size:22px;font-weight:700;margin-bottom:8px;letter-spacing:-0.02em;">🔍 Operations Dashboard</h1>
-    <p style="font-size:14px;color:var(--text-muted);line-height:1.6;max-width:700px;">What's happening right now? Search memories, inspect active gates, manage your team, and export training data. <span style="color:var(--cyan);font-weight:600;">This is your control plane for AI agent behavior.</span></p>
+    <p style="font-size:12px;color:var(--text-muted);margin-bottom:8px;">Updated: <time datetime="2026-04-20">2026-04-20</time> · by <a href="https://github.com/IgorGanapolsky" style="color:inherit;">Igor Ganapolsky</a></p>
+    <p style="font-size:14px;color:var(--text-muted);line-height:1.6;max-width:700px;">What's happening right now? Search memories, inspect active checks, manage your team, and export training data. <span style="color:var(--cyan);font-weight:600;">This is your control plane for AI agent behavior.</span></p>
     <div style="display:flex;gap:16px;margin-top:12px;font-size:12px;color:var(--text-muted);">
       <span>🔍 <strong style="color:var(--text);">Search</strong> — find any memory</span>
       <span>🛡️ <strong style="color:var(--text);">Gates</strong> — what's blocking</span>
@@ -211,7 +232,7 @@
 
   <div class="demo-banner" id="demoBanner" style="display:none;">
     <span>📊 <strong>Demo Mode</strong> — sample data. Pro unlocks your personal dashboard with search, DPO export, and gate analytics.</span>
-    <a href="https://buy.stripe.com/7sYcN5bmIf5IcSd8qf3sI0a" target="_blank" rel="noopener" style="background:#b85c2d;color:#fff;padding:6px 14px;border-radius:8px;text-decoration:none;font-weight:700;white-space:nowrap;">Start 7-day free trial</a>
+    <a href="/go/pro?utm_source=dashboard_demo" rel="noopener" style="background:#b85c2d;color:#fff;padding:6px 14px;border-radius:8px;text-decoration:none;font-weight:700;white-space:nowrap;">Start 7-day free trial</a>
   </div>
 
   <!-- STATS -->
@@ -219,7 +240,7 @@
     <a class="stat-card" data-card-action="all" onclick="selectCard(this,'all')" href="/lessons" style="cursor:pointer;text-decoration:none;color:inherit;display:block;" title="Click to view all feedback → Lessons page"><div class="stat-label">Total Feedback</div><div class="stat-value cyan" id="statTotal">—</div></a>
     <a class="stat-card" data-card-action="up" onclick="selectCard(this,'up')" href="/lessons?signal=positive" style="cursor:pointer;text-decoration:none;color:inherit;display:block;" title="Click to view positive feedback → Lessons page"><div class="stat-label">👍 Positive</div><div class="stat-value green" id="statPositive">—</div></a>
     <a class="stat-card" data-card-action="down" onclick="selectCard(this,'down')" href="/lessons?signal=negative" style="cursor:pointer;text-decoration:none;color:inherit;display:block;" title="Click to view negative feedback → Lessons page"><div class="stat-label">👎 Negative</div><div class="stat-value red" id="statNegative">—</div></a>
-    <a class="stat-card" data-card-action="gates" onclick="selectCard(this,'gates');return false;" href="#" style="cursor:pointer;text-decoration:none;color:inherit;display:block;" title="Click to view active gates"><div class="stat-label">Active Gates</div><div class="stat-value cyan" id="statGates">—</div></a>
+    <a class="stat-card" data-card-action="gates" onclick="selectCard(this,'gates');return false;" href="#" style="cursor:pointer;text-decoration:none;color:inherit;display:block;" title="Click to view active checks"><div class="stat-label">Active Gates</div><div class="stat-value cyan" id="statGates">—</div></a>
   </div>
 
   <div class="panel" id="reviewDeltaPanel" style="margin-bottom:20px;">
@@ -282,7 +303,7 @@
   <!-- GATES TAB -->
   <div class="tab-content" id="tab-gates">
     <div class="gates-section">
-      <h2>Active Pre-Action Gates</h2>
+      <h2>Active Pre-Action Checks</h2>
       <div id="gatesList"><div class="loading">Loading gates...</div></div>
     </div>
   </div>
@@ -424,7 +445,7 @@
           <div>
             <div style="font-size:32px;margin-bottom:8px;">🛡️</div>
             <div style="font-size:13px;font-weight:600;margin-bottom:4px;">3. Gate Promoted</div>
-            <div style="font-size:12px;color:var(--text-muted);">Repeated lessons auto-promote into pre-action gates</div>
+            <div style="font-size:12px;color:var(--text-muted);">Repeated lessons auto-promote into pre-action checks</div>
           </div>
           <div>
             <div style="font-size:32px;margin-bottom:8px;">🚫</div>
@@ -502,6 +523,10 @@ async function connect(options) {
     renderStats(data);
     setSelectedCard('all');
     await loadDashboardData();
+    // Open a live-events stream so feedback/rule-regen events surface
+    // without a manual refresh. Non-fatal: if the browser doesn't support
+    // ReadableStream over fetch (very old), we simply stay on the polled path.
+    subscribeToLiveEvents();
   } catch (e) {
     status.className = 'auth-status err';
     status.textContent = '✗ ' + e.message;
@@ -735,6 +760,74 @@ async function loadDashboardData() {
   } catch (e) { /* insights degrade gracefully */ }
 }
 
+// Live-events SSE subscription. We use fetch() + ReadableStream instead of
+// the native EventSource because EventSource can't attach our Bearer auth
+// header. On any event we re-fetch the stats/dashboard summary — cheap, and
+// avoids having to duplicate rendering logic per event type.
+var __liveEventsController = null;
+async function subscribeToLiveEvents() {
+  if (__liveEventsController) {
+    try { __liveEventsController.abort(); } catch (_) { /* already aborted */ }
+  }
+  if (typeof AbortController === 'undefined' || !window.fetch) return;
+  var controller = new AbortController();
+  __liveEventsController = controller;
+  try {
+    var res = await fetch('/v1/events', {
+      headers: { 'Authorization': 'Bearer ' + API_KEY },
+      signal: controller.signal,
+    });
+    if (!res.ok || !res.body || !res.body.getReader) return;
+    var reader = res.body.getReader();
+    var decoder = new TextDecoder('utf-8');
+    var buffer = '';
+    while (true) {
+      var chunk = await reader.read();
+      if (chunk.done) break;
+      buffer += decoder.decode(chunk.value, { stream: true });
+      var frames = buffer.split('\n\n');
+      buffer = frames.pop() || '';
+      for (var i = 0; i < frames.length; i++) {
+        handleLiveEventFrame(frames[i]);
+      }
+    }
+  } catch (e) {
+    // AbortError fires on logout/reconnect — not worth surfacing to the user.
+  }
+}
+
+function handleLiveEventFrame(frame) {
+  if (!frame || frame.charAt(0) === ':') return; // heartbeat comment
+  var eventName = 'message';
+  var dataLines = [];
+  var lines = frame.split('\n');
+  for (var i = 0; i < lines.length; i++) {
+    var line = lines[i];
+    if (line.indexOf('event:') === 0) eventName = line.slice(6).trim();
+    else if (line.indexOf('data:') === 0) dataLines.push(line.slice(5).trim());
+  }
+  if (!dataLines.length) return;
+  var payload;
+  try { payload = JSON.parse(dataLines.join('\n')); } catch (_) { return; }
+  onLiveEvent(eventName, payload);
+}
+
+function onLiveEvent(eventName, payload) {
+  // All events currently boil down to "something changed, re-pull summary".
+  // When we add richer partial updates we can branch on eventName here.
+  if (eventName === 'connected') return;
+  refreshStatsOnly();
+}
+
+async function refreshStatsOnly() {
+  try {
+    var res = await fetch('/v1/feedback/stats', { headers: getHeaders() });
+    if (!res.ok) return;
+    var data = await res.json();
+    renderStats(data);
+  } catch (_) { /* ignore transient errors */ }
+}
+
 function formatReviewTimestamp(value) {
   if (!value) return 'Not reviewed yet';
   var date = new Date(value);
@@ -803,7 +896,7 @@ function renderDashboardData(data) {
   const gateStats = data.gateStats || {};
   document.getElementById('statGates').textContent = gates.length || gateStats.totalGates || 0;
   if (!gates.length) {
-    document.getElementById('gatesList').innerHTML = '<div class="empty">No active gates</div>';
+    document.getElementById('gatesList').innerHTML = '<div class="empty">No active checks</div>';
   } else {
     document.getElementById('gatesList').innerHTML = gates.map(function(g) {
       const action = g.action || 'block';
@@ -1126,7 +1219,7 @@ function renderTemplates(templateLibrary) {
         '<div class="template-pattern">' + escHtml(template.pattern || '') + '</div>' +
       '</div>';
     }).join('')
-    : '<div class="empty">No gate templates available</div>';
+    : '<div class="empty">No check templates available</div>';
 }
 
 document.addEventListener('click', function(event) {
@@ -1190,9 +1283,9 @@ function loadDemo() {
   document.getElementById('reviewCheckpointBtn').textContent = 'Connect to save your own review checkpoint';
   // Sample memories — realistic scenarios from real agent-driven development
   var demoResults = [
-    { signal: 'down', title: 'Claimed fix worked without running tests', context: 'Agent announced "fixed and pushed" but never ran the test suite. CI failed on 3 tests. Gate now requires test evidence before any completion claim.', tags: ['anti-lying', 'verification-gap', 'ci', 'trust-breach'], timestamp: '2025-06-22T10:20:00Z' },
-    { signal: 'down', title: 'Force-pushed to main and lost teammate commits', context: 'Used git push --force on main to fix a rebase. Overwrote 3 commits from another team member. Had to recover from reflog. Gate now blocks all --force pushes to protected branches.', tags: ['git', 'destructive', 'auto-blocked'], timestamp: '2025-06-20T09:15:00Z' },
-    { signal: 'up', title: 'Pre-action gate caught .env commit', context: 'Gate blocked a git add that included .env with production API keys. Saved from leaking secrets to a public repo.', tags: ['security', 'prevention', 'secrets'], timestamp: '2025-06-19T11:30:00Z' },
+    { signal: 'down', title: 'Claimed fix worked without running tests', context: 'Agent announced "fixed and pushed" but never ran the test suite. CI failed on 3 tests. Check now requires test evidence before any completion claim.', tags: ['anti-lying', 'verification-gap', 'ci', 'trust-breach'], timestamp: '2025-06-22T10:20:00Z' },
+    { signal: 'down', title: 'Force-pushed to main and lost teammate commits', context: 'Used git push --force on main to fix a rebase. Overwrote 3 commits from another team member. Had to recover from reflog. Check now blocks all --force pushes to protected branches.', tags: ['git', 'destructive', 'auto-blocked'], timestamp: '2025-06-20T09:15:00Z' },
+    { signal: 'up', title: 'Pre-action check caught .env commit', context: 'Check blocked a git add that included .env with production API keys. Saved from leaking secrets to a public repo.', tags: ['security', 'prevention', 'secrets'], timestamp: '2025-06-19T11:30:00Z' },
     { signal: 'down', title: 'PR scope creep — 72 changed files for a 2-file fix', context: 'Agent included unrelated formatting changes, config files, and lock file updates in a PR that should have touched 2 files. User had to manually separate the changes.', tags: ['pr-scope', 'scope-creep', 'user-frustration', 'git-workflow'], timestamp: '2025-06-18T14:30:00Z' },
     { signal: 'up', title: 'Full PR review cycle with on-device verification', context: 'Fixed 3 review findings, verified on physical Android device with fresh debug build, confirmed Delete Account flow end-to-end before marking PR ready.', tags: ['pr-review', 'on-device-verification', 'evidence-based', 'metric:ROI'], timestamp: '2025-06-17T16:45:00Z' },
     { signal: 'down', title: 'Claimed Figma compliance without visual verification', context: 'Said UI matched Figma designs without actually checking. User pointed out wrong colors, missing spacing, and incorrect font weights. Should have used screenshot comparison.', tags: ['anti-lying', 'figma', 'visual-verification', 'trust-breach'], timestamp: '2025-06-16T08:05:00Z' },
@@ -1216,7 +1309,7 @@ function loadDemo() {
     '<span style="color:#ffb98a;font-weight:700;">Live demo data below.</span> ' +
     'Point ThumbGate at your own feedback to see <em>your</em> gates, lessons, and team signals — no signup required.' +
     '</div>' +
-    '<a href="https://buy.stripe.com/7sYcN5bmIf5IcSd8qf3sI0a" target="_blank" rel="noopener" ' +
+    '<a href="/go/pro?utm_source=dashboard_live" rel="noopener" ' +
     'style="flex:none;background:#b85c2d;color:#fff;padding:8px 18px;border-radius:8px;text-decoration:none;font-weight:700;font-size:13px;white-space:nowrap;">Go Pro — $19/mo</a>' +
     '</div>';
   document.getElementById('searchResults').innerHTML = upgradeBanner + teaserHtml;

package/public/guide.html

@@ -6,10 +6,10 @@
 <title>How to Stop AI Coding Agents From Repeating Mistakes — ThumbGate Guide</title>
 <!-- Privacy-friendly analytics by Plausible -->
 <script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
-<meta name="description" content="The complete guide to preventing AI coding agent mistakes with pre-action gates, history-aware lesson distillation, and automatic prevention rules.">
-<meta name="keywords" content="AI agent mistakes, Claude Code force push, AI coding agent memory, MCP server guardrails, pre-action gates, vibe coding safety, PreToolUse hooks, ThumbGate, SpecLock alternative, Mem0 alternative">
+<meta name="description" content="The complete guide to preventing AI coding agent mistakes with pre-action checks, history-aware lesson distillation, and automatic prevention rules.">
+<meta name="keywords" content="AI agent mistakes, Claude Code force push, AI coding agent memory, MCP server guardrails, pre-action checks, vibe coding safety, PreToolUse hooks, ThumbGate, SpecLock alternative, Mem0 alternative">
 <meta property="og:title" content="How to Stop AI Coding Agents From Repeating Mistakes">
-<meta property="og:description" content="Pre-action gates that physically block AI agents from repeating known mistakes. The complete guide.">
+<meta property="og:description" content="Pre-action checks that physically block AI agents from repeating known mistakes. The complete guide.">
 <meta property="og:type" content="article">
 <meta property="og:url" content="https://thumbgate-production.up.railway.app/guide">
 <link rel="canonical" href="https://thumbgate-production.up.railway.app/guide">
@@ -19,7 +19,7 @@
   "@context": "https://schema.org",
   "@type": "TechArticle",
   "headline": "How to Stop AI Coding Agents From Repeating Mistakes",
-  "description": "Complete guide to preventing AI agent mistakes with pre-action gates, feedback capture, history-aware lesson distillation, and automatic prevention rule generation.",
+  "description": "Complete guide to preventing AI agent mistakes with pre-action checks, feedback capture, history-aware lesson distillation, and automatic prevention rule generation.",
   "author": {
     "@type": "Person",
     "name": "Igor Ganapolsky",
@@ -36,7 +36,7 @@
   "about": [
     {"@type": "Thing", "name": "AI coding agents"},
     {"@type": "Thing", "name": "Model Context Protocol"},
-    {"@type": "Thing", "name": "pre-action gates"}
+    {"@type": "Thing", "name": "pre-action checks"}
   ]
 }
 </script>
@@ -64,12 +64,12 @@
       "@type": "HowToStep",
       "position": 3,
       "name": "Feedback auto-promotes to prevention rules",
-      "text": "After repeated failures, ThumbGate generates a prevention rule and wires it as a pre-action gate."
+      "text": "After repeated failures, ThumbGate generates a prevention rule and wires it as a pre-action check."
     },
     {
       "@type": "HowToStep",
       "position": 4,
-      "name": "Gates block mistakes before they happen",
+      "name": "Checks block mistakes before they happen",
       "text": "PreToolUse hooks intercept tool calls and check them against known failure patterns. Bad actions are blocked before execution."
     }
   ]
@@ -86,7 +86,7 @@
       "name": "How do I stop my AI coding agent from repeating mistakes?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "Install ThumbGate (npx thumbgate init). When your agent makes a mistake, give it a thumbs-down with context. ThumbGate captures the feedback, and after repeated failures, auto-generates a prevention rule. Pre-action gates then block the same mistake before it executes in future sessions."
+        "text": "Install ThumbGate (npx thumbgate init). When your agent makes a mistake, give it a thumbs-down with context. ThumbGate captures the feedback, and after repeated failures, auto-generates a prevention rule. Pre-action checks then block the same mistake before it executes in future sessions."
       }
     },
     {
@@ -94,15 +94,15 @@
       "name": "Why does my Claude Code agent keep force-pushing to main?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "Because prompt rules are suggestions the agent can ignore. ThumbGate solves this with enforcement: a PreToolUse hook fires before every tool call and checks it against known failure patterns. If the action matches a gate (like git push --force to main), it is physically blocked before execution."
+        "text": "Because prompt rules are suggestions the agent can ignore. ThumbGate solves this with enforcement: a PreToolUse hook fires before every tool call and checks it against known failure patterns. If the action matches a check (like git push --force to main), it is physically blocked before execution."
       }
     },
     {
       "@type": "Question",
-      "name": "What is the difference between pre-action gates and prompt rules?",
+      "name": "What is the difference between pre-action checks and prompt rules?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "Prompt rules (like CLAUDE.md or .cursorrules) are instructions the agent may ignore. Pre-action gates are enforcement: they intercept the tool call at the PreToolUse hook level and block it before execution. Gates are auto-generated from feedback and use Thompson Sampling to adapt their sensitivity."
+        "text": "Prompt rules (like CLAUDE.md or .cursorrules) are instructions the agent may ignore. Pre-action checks are enforcement: they intercept the tool call at the PreToolUse hook level and block it before execution. Checks are auto-generated from feedback and use Thompson Sampling to adapt their sensitivity."
       }
     },
     {
@@ -126,7 +126,7 @@
       "name": "Does AI agent memory persist across sessions?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "With ThumbGate, yes. Feedback is stored in a local SQLite database with FTS5 indexing. Prevention rules and gates persist across sessions. The recall tool injects relevant context at session start, and session handoff preserves continuity."
+        "text": "With ThumbGate, yes. Feedback is stored in a local SQLite database with FTS5 indexing. Prevention rules and checks persist across sessions. The recall tool injects relevant context at session start, and session handoff preserves continuity."
       }
     },
     {
@@ -134,7 +134,7 @@
       "name": "How do I set up PreToolUse hooks in Claude Code?",
       "acceptedAnswer": {
         "@type": "Answer",
-        "text": "Run npx thumbgate init --agent claude-code. This auto-configures PreToolUse hooks in your .claude/settings.json. The hooks fire before every tool call and check it against your prevention rules and gates."
+        "text": "Run npx thumbgate init --agent claude-code. This auto-configures PreToolUse hooks in your .claude/settings.json. The hooks fire before every tool call and check it against your prevention rules and checks."
       }
     },
     {
@@ -201,14 +201,14 @@
 <p class="breadcrumb"><a href="/">Home</a> / Guide</p>
 
 <h1>How to Stop AI Coding Agents From Repeating Mistakes</h1>
-<p style="color:var(--muted);">The complete guide to pre-action gates, feedback capture, history-aware lesson distillation, and automatic prevention rules.</p>
+<p style="color:var(--muted);">The complete guide to pre-action checks, feedback capture, history-aware lesson distillation, and automatic prevention rules.</p>
 
 <h2>The Problem</h2>
 <p>Your AI coding agent force-pushes to main. You correct it. Next session, it force-pushes again. You add a rule to CLAUDE.md. It ignores it. You lose an afternoon reverting.</p>
 <p>This happens because <strong>prompt rules are suggestions</strong>. The agent can read them, forget them, or override them. There is no enforcement at the tool-call level.</p>
 
-<h2>The Fix: Pre-Action Gates</h2>
-<p>ThumbGate adds an enforcement layer between your agent and its tools. When the agent tries to execute a tool call, a <code>PreToolUse</code> hook fires <em>before</em> the action runs. The hook checks the call against known failure patterns. If it matches a gate, the action is blocked.</p>
+<h2>The Fix: Pre-Action Checks</h2>
+<p>ThumbGate adds an enforcement layer between your agent and its tools. When the agent tries to execute a tool call, a <code>PreToolUse</code> hook fires <em>before</em> the action runs. The hook checks the call against known failure patterns. If it matches a check, the action is blocked.</p>
 
 <div class="card">
 <h3>Before ThumbGate</h3>
@@ -216,9 +216,9 @@
 Result: Force-pushed. You lose 3 commits. Again.</code></pre>
 <h3>After ThumbGate</h3>
 <pre><code>Agent: git push --force origin main
-[gate] Blocked: no-force-push (confidence: 0.94)
+[check] Blocked: no-force-push (confidence: 0.94)
 Agent: git push origin feature-branch
-[gate] Passed</code></pre>
+[check] Passed</code></pre>
 </div>
 
 <h2>Install (One Command)</h2>
@@ -249,11 +249,11 @@ npx thumbgate init --agent gemini</code></pre>
 <h3>2. Feedback auto-promotes to prevention rules</h3>
 <p>After repeated failures with the same pattern, ThumbGate generates a prevention rule automatically. No manual rule writing needed.</p>
 
-<h3>3. Rules become gates</h3>
-<p>Prevention rules are enforced as pre-action gates. The gate fires at the <code>PreToolUse</code> hook level — inside the agent's runtime, before the tool call executes.</p>
+<h3>3. Rules become checks</h3>
+<p>Prevention rules are enforced as pre-action checks. The check fires at the <code>PreToolUse</code> hook level — inside the agent's runtime, before the tool call executes.</p>
 
-<h3>4. Gates adapt via Thompson Sampling</h3>
-<p>Gates that block too aggressively (high false-positive rate) get their confidence reduced automatically. Gates that catch real mistakes get reinforced. This is Bayesian multi-armed bandit optimization, not static rules.</p>
+<h3>4. Checks adapt via Thompson Sampling</h3>
+<p>Checks that block too aggressively (high false-positive rate) get their confidence reduced automatically. Checks that catch real mistakes get reinforced. This is Bayesian multi-armed bandit optimization, not static rules.</p>
 
 <h2>Memory That Persists Across Sessions</h2>
 <p>ThumbGate stores feedback in a local SQLite database with FTS5 full-text indexing. Lookups are sub-millisecond even at tens of thousands of entries. Old entries that contradict newer evidence are auto-pruned via Bayesian belief decay.</p>
@@ -273,9 +273,9 @@ npx thumbgate init --agent gemini</code></pre>
   <li><code>reflect_on_feedback</code> proposes a reusable rule from the same transcript when the failure pattern is obvious.</li>
 </ul>
 
-<h2>Pre-Action Gates vs Prompt Rules</h2>
+<h2>Pre-Action Checks vs Prompt Rules</h2>
 <table class="comparison-table">
-  <tr><th>Feature</th><th>Prompt Rules</th><th>Pre-Action Gates</th></tr>
+  <tr><th>Feature</th><th>Prompt Rules</th><th>Pre-Action Checks</th></tr>
   <tr><td>Where they live</td><td>CLAUDE.md, .cursorrules</td><td>PreToolUse hooks</td></tr>
   <tr><td>Enforcement</td><td>Suggestion (can be ignored)</td><td>Blocks execution</td></tr>
   <tr><td>When they fire</td><td>At prompt load</td><td>Before every tool call</td></tr>
@@ -287,7 +287,7 @@ npx thumbgate init --agent gemini</code></pre>
 <h2>ThumbGate vs Alternatives</h2>
 <table class="comparison-table">
   <tr><th>Feature</th><th>ThumbGate</th><th>SpecLock</th><th>Mem0</th></tr>
-  <tr><td>Blocks mistakes before execution</td><td>Yes — PreToolUse gates</td><td>Yes — Patch Firewall</td><td>No</td></tr>
+  <tr><td>Blocks mistakes before execution</td><td>Yes — PreToolUse checks</td><td>Yes — Patch Firewall</td><td>No</td></tr>
   <tr><td>Learns from feedback</td><td>Yes — thumbs up/down</td><td>No — manual specs</td><td>Yes — auto-capture</td></tr>
   <tr><td>Auto-generates rules</td><td>Yes — from repeated failures</td><td>No</td><td>No</td></tr>
   <tr><td>Agent support</td><td>Claude Code, Codex, Gemini, Amp, Cursor, OpenCode</td><td>Claude Code, Cursor, Windsurf, Cline</td><td>Claude, Cursor</td></tr>
@@ -298,13 +298,13 @@ npx thumbgate init --agent gemini</code></pre>
 <h2>Common Scenarios</h2>
 
 <h3>Agent keeps deleting files</h3>
-<p>Give a thumbs-down: "deleted production config file." After 2-3 occurrences, ThumbGate generates a gate that blocks <code>rm</code> commands targeting config files.</p>
+<p>Give a thumbs-down: "deleted production config file." After 2-3 occurrences, ThumbGate generates a check that blocks <code>rm</code> commands targeting config files.</p>
 
 <h3>Agent ignores test failures</h3>
-<p>Give a thumbs-down: "committed code with failing tests." ThumbGate learns the pattern and gates future commits when test results show failures.</p>
+<p>Give a thumbs-down: "committed code with failing tests." ThumbGate learns the pattern and checks future commits when test results show failures.</p>
 
 <h3>Agent uses wrong API endpoint</h3>
-<p>Give a thumbs-down: "called staging API in production code." The gate blocks tool calls that reference staging URLs in production contexts.</p>
+<p>Give a thumbs-down: "called staging API in production code." The check blocks tool calls that reference staging URLs in production contexts.</p>
 
 <h2>Get Started</h2>
 <pre><code>npx thumbgate init</code></pre>