thumbgate 1.16.12 → 1.16.19

package/config/gate-templates.json

@@ -72,6 +72,378 @@
       "problem": "Turns repeated thumbs-up patterns into recommended workflow defaults and starter rules.",
       "roi": "Helps new agents and new teammates start from what already works.",
       "rollout": "Use with shared lessons to accelerate onboarding."
+    },
+    {
+      "id": "require-diff-impact-before-central-edit",
+      "name": "Require diff impact before central edits",
+      "category": "Knowledge Graph Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "centrality:(high|critical).*tool:(edit|write|patch)",
+      "problem": "Blocks edits to high-centrality files unless the agent has inspected the dependency impact first.",
+      "roi": "Turns code-graph context into a concrete guardrail for the changes most likely to break many downstream paths.",
+      "rollout": "Enable after generating a code knowledge graph and tagging critical files or modules."
+    },
+    {
+      "id": "checkpoint-cross-layer-refactor",
+      "name": "Checkpoint cross-layer refactors",
+      "category": "Knowledge Graph Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "high",
+      "pattern": "layers_touched:(api|service|data|ui).*(api|service|data|ui)",
+      "problem": "Requires an explicit checkpoint before an agent changes multiple architectural layers in one run.",
+      "roi": "Prevents broad refactors from becoming invisible blast-radius expansion.",
+      "rollout": "Use with graph layer labels from tools such as Understand Anything, code-graph MCPs, or internal architecture maps."
+    },
+    {
+      "id": "protect-graph-generated-artifacts",
+      "name": "Protect generated graph artifacts",
+      "category": "Knowledge Graph Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "medium",
+      "pattern": "\\.(understand-anything|codegraph|knowledge-graph)\\/.*",
+      "problem": "Stops agents from editing generated knowledge-graph artifacts as if they were source of truth.",
+      "roi": "Keeps graph context reproducible and avoids corrupting the evidence layer agents rely on for impact analysis.",
+      "rollout": "Enable for repos that commit or cache graph outputs locally."
+    },
+    {
+      "id": "block-package-lifecycle-secret-harvest",
+      "name": "Block package lifecycle secret harvest",
+      "category": "Supply Chain Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "(preinstall|install|postinstall|prepare).*(env|token|secret|credential|npmrc|pypirc|docker\\/config|ssh)",
+      "problem": "Stops package lifecycle scripts from reading local credentials during npm, PyPI, Docker, or CLI compromise scenarios.",
+      "roi": "Turns developer-machine supply-chain awareness into a runtime stop before secrets are harvested at scale.",
+      "rollout": "Enable on every repo where agents can install packages, run package scripts, or edit dependency automation."
+    },
+    {
+      "id": "review-untrusted-cli-before-execution",
+      "name": "Review untrusted CLI before execution",
+      "category": "Supply Chain Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "(curl|wget).*(bash|sh)|npx\\s+[^@\\s]+|uvx\\s+|pipx\\s+run",
+      "problem": "Blocks one-shot CLI execution paths that can turn a copied command into developer-machine compromise.",
+      "roi": "Prevents AI assistants from amplifying malicious copy-paste install flows across repos and machines.",
+      "rollout": "Allowlist trusted internal CLIs and require source review for every new external executable."
+    },
+    {
+      "id": "checkpoint-dependency-bot-autofix",
+      "name": "Checkpoint dependency bot autofix",
+      "category": "Supply Chain Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "high",
+      "pattern": "(dependabot|renovate|npm audit fix|pnpm audit|pip install -U|docker pull|cargo update)",
+      "problem": "Requires a human-readable checkpoint before automated dependency updates expand the trusted code surface.",
+      "roi": "Keeps dependency bots and package managers from silently widening blast radius during a supply-chain incident.",
+      "rollout": "Start as warn mode for dependency PRs; promote to block for production services or privileged developer machines."
+    },
+    {
+      "id": "require-credential-exposure-assessment",
+      "name": "Require credential exposure assessment",
+      "category": "Supply Chain Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(secret|token|credential|api[_-]?key|ssh|npmrc|pypirc|docker\\/config).*(rotate|exposed|leak|incident|compromise)",
+      "problem": "Forces an exposure assessment before an agent claims a supply-chain incident is resolved.",
+      "roi": "Connects prevention with remediation: what credential lived where, who touched it, and whether rotation is required.",
+      "rollout": "Use with incident-response runbooks and secrets scanner output from GitGuardian or internal tooling."
+    },
+    {
+      "id": "require-section-tree-before-multimodal-answer",
+      "name": "Require section tree before multimodal answers",
+      "category": "Document RAG Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(multimodal|image|chart|figure|table).*answer.*(missing|no).*section[_ -]?tree",
+      "problem": "Blocks visual document answers when the agent has not preserved document hierarchy, section IDs, and source paths.",
+      "roi": "Prevents multimodal RAG demos from becoming ungrounded image guessing while keeping costs lower than full multimodal embeddings.",
+      "rollout": "Enable for PDF, report, support-doc, research-paper, and compliance workflows before agents answer with images."
+    },
+    {
+      "id": "require-image-pointer-grounding",
+      "name": "Require image pointer grounding",
+      "category": "Document RAG Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(image|figure|chart|diagram).*answer.*(missing|no).*pointer",
+      "problem": "Requires every cited visual to carry a source document, parent section, and file path pointer.",
+      "roi": "Turns proxy-pointer RAG structure into an auditable answer boundary instead of trusting visual similarity.",
+      "rollout": "Start on any workflow that returns charts, figures, screenshots, or PDF images to users."
+    },
+    {
+      "id": "block-cross-document-image-leakage",
+      "name": "Block cross-document image leakage",
+      "category": "Document RAG Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "image_doc_id\\s*!=\\s*answer_doc_id|cross[_ -]?document.*image",
+      "problem": "Stops agents from attaching a plausible visual from the wrong source document.",
+      "roi": "Protects trust in buyer-facing document answers where one wrong chart or figure can invalidate the whole system.",
+      "rollout": "Promote to block as soon as the ingestion pipeline records document IDs for image pointers."
+    },
+    {
+      "id": "checkpoint-vision-filter-for-visual-claims",
+      "name": "Checkpoint vision filter for visual claims",
+      "category": "Document RAG Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "medium",
+      "pattern": "(visual|image|chart|figure).*claim.*(without|no).*vision[_ -]?filter",
+      "problem": "Requires an optional vision-model sanity check before high-impact answers rely on visual content.",
+      "roi": "Keeps the cheap text-pointer path fast while adding review only when the answer makes visual claims.",
+      "rollout": "Use warn mode for low-risk docs and block mode for legal, financial, medical, or customer-facing visual answers."
+    },
+    {
+      "id": "require-rag-baseline-before-precision-tuning",
+      "name": "Require RAG baseline before precision tuning",
+      "category": "Document RAG Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "(rag|retrieval|embedding).*(fine[- ]?tune|threshold|precision).*(missing|no).*(baseline|recall)",
+      "problem": "Blocks embedding, threshold, or precision tuning when the agent has not preserved a retrieval baseline and recall check.",
+      "roi": "Prevents a local precision improvement from silently degrading general retrieval quality across the agentic pipeline.",
+      "rollout": "Require baseline recall@k, precision@k, and answer-with-evidence metrics before changing retrieval thresholds or embedding models."
+    },
+    {
+      "id": "require-two-stage-rag-verifier-for-structural-near-misses",
+      "name": "Require two-stage RAG verifier for structural near misses",
+      "category": "Document RAG Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(negation|role reversal|structural near[- ]?miss|compositional).*(without|no).*(verifier|rerank|second stage)",
+      "problem": "Requires a token-level verifier, reranker, or second-stage check when retrieval must distinguish structurally similar but meaningfully different evidence.",
+      "roi": "Catches the role-reversal and negation failures that vector similarity and keyword search can miss before downstream agents act.",
+      "rollout": "Enable for legal, finance, compliance, support, and autonomous-agent workflows where wrong retrieval can trigger real actions."
+    },
+    {
+      "id": "checkpoint-rag-latency-precision-tradeoff",
+      "name": "Checkpoint RAG latency and precision tradeoff",
+      "category": "Document RAG Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "medium",
+      "pattern": "(rerank|verifier|cross[- ]?encoder|two[- ]?stage).*(latency|sla|budget)",
+      "problem": "Requires an explicit latency budget before adding verifier or reranker stages to precision-sensitive retrieval.",
+      "roi": "Keeps high-risk RAG workflows accurate without accidentally making production agents too slow or expensive to run.",
+      "rollout": "Start in warn mode; promote to block when latency regressions exceed the workflow SLA."
+    },
+    {
+      "id": "require-director-journal-for-long-running-agent",
+      "name": "Require director journal for long-running agent",
+      "category": "Long-Running Agent Context",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(long[- ]?running|multi[- ]?agent|background agent).*(missing|no).*(director journal|working memory|structured memory)",
+      "problem": "Blocks long-running agent work when the system relies on raw chat history instead of a structured working-memory journal.",
+      "roi": "Prevents context-window bloat, compaction drift, and incoherent handoffs across hundreds of agent requests.",
+      "rollout": "Enable for background agents, multi-agent investigations, revenue loops, and any workflow expected to span more than one session."
+    },
+    {
+      "id": "require-critic-review-for-agent-findings",
+      "name": "Require critic review for agent findings",
+      "category": "Long-Running Agent Context",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(finding|claim|expert report|agent summary).*(missing|no).*(critic|review|credibility|evidence score)",
+      "problem": "Requires a critic pass with evidence inspection and credibility scoring before agent findings become shared truth.",
+      "roi": "Stops invented or misinterpreted findings from becoming the memory that future agents build on.",
+      "rollout": "Start with warn mode for summaries; promote to block for security, revenue, incident, and customer-facing findings."
+    },
+    {
+      "id": "checkpoint-critic-timeline-conflict-resolution",
+      "name": "Checkpoint critic timeline conflict resolution",
+      "category": "Long-Running Agent Context",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "medium",
+      "pattern": "(timeline|memory|journal).*(conflict|duplicate|contradict|stale).*(without|no).*(resolution|credibility)",
+      "problem": "Requires duplicate removal and source-strength conflict resolution before a long-running agent updates its timeline.",
+      "roi": "Keeps long-lived agent memory coherent while preserving only the strongest evidence across rounds.",
+      "rollout": "Use in warn mode for internal loops and block mode when the timeline feeds irreversible actions or external replies."
+    },
+    {
+      "id": "require-verifier-before-reasoning-compression",
+      "name": "Require verifier before reasoning compression",
+      "category": "Reasoning Efficiency Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(reasoning|chain|trace).*(compress|shorten|prune).*(without|no).*(verifier|accuracy|pass@1)",
+      "problem": "Blocks reasoning-length compression when the workflow has not preserved verifier, accuracy, and rollback evidence.",
+      "roi": "Saves tokens only when compressed reasoning still passes quality checks instead of trading correctness for shorter traces.",
+      "rollout": "Enable for model-routing, benchmark, prompt-eval, and expensive agent workflows before shortening reasoning traces."
+    },
+    {
+      "id": "checkpoint-low-confidence-reasoning-steps",
+      "name": "Checkpoint low-confidence reasoning steps",
+      "category": "Reasoning Efficiency Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "medium",
+      "pattern": "(low[- ]?confidence|uncertain).*(step|reasoning).*(correct rollout|accepted answer)",
+      "problem": "Requires inspection before low-confidence steps in otherwise successful reasoning become reinforced training or routing signal.",
+      "roi": "Reduces brittle step-level learning where a correct final answer hides unstable intermediate reasoning.",
+      "rollout": "Start as warn mode for prompt and model evals; promote to block when those traces update routing or fine-tuning data."
+    },
+    {
+      "id": "checkpoint-high-confidence-failed-rollout",
+      "name": "Checkpoint high-confidence failed rollout",
+      "category": "Reasoning Efficiency Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "medium",
+      "pattern": "(high[- ]?confidence|confident).*(failed|verifier failed|truncated).*(rollout|trace)",
+      "problem": "Requires a verifier-error or truncation check before penalizing confident reasoning from failed rollouts.",
+      "roi": "Prevents training or routing updates from punishing correct reasoning when the failure came from truncation or verifier noise.",
+      "rollout": "Use for reasoning-compression experiments, evaluation harnesses, and DPO/RLHF export review."
+    },
+    {
+      "id": "require-hybrid-prefix-cache-coherence-eval",
+      "name": "Require hybrid prefix cache coherence eval",
+      "category": "Sparse Attention Runtime Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "(deepseek|sparse attention|hybrid attention|prefix cache).*(missing|no).*(coherence|rollback|cache eval)",
+      "problem": "Blocks hybrid sparse-attention serving changes when prefix cache lifetime, compressed KV reuse, and rollback behavior have not been verified.",
+      "roi": "Prevents expensive long-context inference rollouts from reusing stale cache state or corrupting speculative decode paths.",
+      "rollout": "Enable before raising context windows, switching cache implementations, or deploying ShadowRadix-style prefix caching."
+    },
+    {
+      "id": "checkpoint-speculative-decoding-acceptance",
+      "name": "Checkpoint speculative decoding acceptance",
+      "category": "Sparse Attention Runtime Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "high",
+      "pattern": "(speculative|mtp|eagle).*(accept|rollback|draft).*(low|missing|unstable)",
+      "problem": "Requires acceptance-rate, rollback, and correctness evidence before speculative decoding is treated as a production speedup.",
+      "roi": "Avoids routing traffic to a faster-looking path that collapses acceptance length or hides draft-token correctness failures.",
+      "rollout": "Start in warn mode for lab benchmarks; promote to block when speculation is enabled for customer traffic."
+    },
+    {
+      "id": "require-long-context-kv-offload-capacity-plan",
+      "name": "Require long-context KV offload capacity plan",
+      "category": "Sparse Attention Runtime Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(long context|1m token|kv cache|hisparse|cpu offload).*(missing|no).*(capacity|offload|memory budget)",
+      "problem": "Blocks long-context serving rollouts when KV cache capacity, CPU offload, or memory budgets are not documented and benchmarked.",
+      "roi": "Prevents GPU memory cliffs and surprise throughput regressions when agents send very large traces or document contexts.",
+      "rollout": "Require for 128k+ context targets and any hosted inference path where batch size or context length can grow automatically."
+    },
+    {
+      "id": "require-rollout-routing-and-indexer-replay",
+      "name": "Require rollout routing and indexer replay",
+      "category": "Sparse Attention Runtime Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "(rl|training|fine[- ]?tune|reward).*(missing|no).*(routing replay|indexer replay|train[- ]?inference drift)",
+      "problem": "Blocks RL or fine-tuning updates when rollout routing, sparse indexer choices, and train-inference drift are not captured and replayed.",
+      "roi": "Stops verified-RL experiments from optimizing against a different execution path than the one served during rollout.",
+      "rollout": "Enable for any self-hosted model training, reward optimization, DPO export review, or policy update based on sparse-attention rollouts."
+    },
+    {
+      "id": "checkpoint-mixed-precision-determinism",
+      "name": "Checkpoint mixed-precision determinism",
+      "category": "Sparse Attention Runtime Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "high",
+      "pattern": "(fp4|fp8|mixed precision|quant).*(nondeterministic|spike|drift|missing deterministic)",
+      "problem": "Requires deterministic settings and sensitive FP32 path checks before mixed-precision inference or training results become routing evidence.",
+      "roi": "Keeps FP4/FP8 savings from producing silent numerical drift, noisy KL spikes, or false benchmark confidence.",
+      "rollout": "Start in warn mode for benchmarking and promote to block when mixed-precision results update routing, training, or customer-facing model choices."
+    },
+    {
+      "id": "checkpoint-long-context-throughput-regression",
+      "name": "Checkpoint long-context throughput regression",
+      "category": "Sparse Attention Runtime Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "medium",
+      "pattern": "(long context|decode throughput|tpot|latency).*(regression|drop|slowdown)",
+      "problem": "Requires a measured throughput comparison before long-context runtime changes are treated as performance improvements.",
+      "roi": "Prevents teams from adopting impressive-looking runtime changes that only work on narrow prompts or short contexts.",
+      "rollout": "Use in CI benchmark jobs and model-routing reviews whenever context length, cache policy, or speculation settings change."
+    },
+    {
+      "id": "require-ai-gateway-control-plane",
+      "name": "Require AI gateway control plane",
+      "category": "AI Engineering Stack Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "(model|llm|provider).*(direct key|api key|no gateway|bypass gateway)",
+      "problem": "Blocks model-provider rollout when requests bypass a central gateway or proxy with cost, identity, provider, and retention controls.",
+      "roi": "Prevents leaked keys, fragmented spend, and invisible model usage before agent adoption scales across the company.",
+      "rollout": "Enable before adding new AI coding clients, model providers, or bring-your-own-key routes."
+    },
+    {
+      "id": "require-progressive-mcp-tool-discovery",
+      "name": "Require progressive MCP tool discovery",
+      "category": "AI Engineering Stack Safety",
+      "signal": "👎",
+      "defaultAction": "warn",
+      "severity": "high",
+      "pattern": "(mcp|tool schema|tool count).*(too many|context bloat|no code mode|no progressive discovery)",
+      "problem": "Requires large MCP surfaces to expose a small search/execute or progressive-discovery interface instead of loading every tool schema into every prompt.",
+      "roi": "Cuts token burn and context-window clutter while letting teams keep adding useful tools behind the portal.",
+      "rollout": "Start warning above 20 tools; promote to block for high-volume clients or expensive frontier-model workflows."
+    },
+    {
+      "id": "require-agent-context-freshness",
+      "name": "Require AGENTS.md and LLM wiki freshness",
+      "category": "AI Engineering Stack Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(AGENTS\\.md|llm wiki|agent context).*(stale|missing|outdated|no owner|no test command)",
+      "problem": "Blocks agent work when repository instructions, ownership, dependencies, test commands, or LLM wiki pages are missing or stale.",
+      "roi": "Turns knowledge-base enthusiasm into reliable agent context instead of letting stale docs make plausible wrong changes.",
+      "rollout": "Regenerate on repo topology changes and require review from the owning team before the context becomes canonical."
+    },
+    {
+      "id": "require-risk-tiered-ai-review",
+      "name": "Require risk-tiered AI review",
+      "category": "AI Engineering Stack Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "high",
+      "pattern": "(merge|pull request|review).*(no ai reviewer|no severity|no rule id|no standards)",
+      "problem": "Requires automated review to classify risk, cite standards-as-skills, and separate security, code quality, performance, docs, and release-impact findings.",
+      "roi": "Makes AI review actionable and auditable, reducing merge churn while converting standards into reusable agent feedback.",
+      "rollout": "Use lite review for trivial changes and full review for money, production, security, data, or customer-facing work."
+    },
+    {
+      "id": "require-sandboxed-background-agent-runtime",
+      "name": "Require sandboxed background agent runtime",
+      "category": "AI Engineering Stack Safety",
+      "signal": "👎",
+      "defaultAction": "block",
+      "severity": "critical",
+      "pattern": "(background agent|long running agent|autonomous agent).*(no sandbox|host machine|no durable session|no build log)",
+      "problem": "Blocks background agents from cloning, building, testing, or publishing unless they run in an isolated durable environment with logs.",
+      "roi": "Lets the team pursue unattended revenue and engineering workflows without turning local developer machines into the execution boundary.",
+      "rollout": "Enable for every agent that can run tests, push branches, deploy, publish content, change billing, or touch customer data."
     }
   ]
 }

package/config/mcp-allowlists.json

@@ -14,6 +14,11 @@
       "search_thumbgate",
       "plan_multimodal_retrieval",
       "plan_context_footprint",
+      "plan_agent_design_governance",
+      "plan_proactive_agent_eval_guardrails",
+      "plan_reward_hacking_guardrails",
+      "plan_oss_pr_opportunity_scout",
+      "plan_chatgpt_ads_readiness",
       "reflect_on_feedback",
       "feedback_stats",
       "diagnose_failure",
@@ -77,6 +82,11 @@
       "search_thumbgate",
       "plan_multimodal_retrieval",
       "plan_context_footprint",
+      "plan_agent_design_governance",
+      "plan_proactive_agent_eval_guardrails",
+      "plan_reward_hacking_guardrails",
+      "plan_oss_pr_opportunity_scout",
+      "plan_chatgpt_ads_readiness",
       "reflect_on_feedback",
       "prevention_rules",
       "set_task_scope",
@@ -124,6 +134,11 @@
       "search_thumbgate",
       "plan_multimodal_retrieval",
       "plan_context_footprint",
+      "plan_agent_design_governance",
+      "plan_proactive_agent_eval_guardrails",
+      "plan_reward_hacking_guardrails",
+      "plan_oss_pr_opportunity_scout",
+      "plan_chatgpt_ads_readiness",
       "feedback_stats",
       "diagnose_failure",
       "list_harnesses",
@@ -160,6 +175,11 @@
       "search_thumbgate",
       "plan_multimodal_retrieval",
       "plan_context_footprint",
+      "plan_agent_design_governance",
+      "plan_proactive_agent_eval_guardrails",
+      "plan_reward_hacking_guardrails",
+      "plan_oss_pr_opportunity_scout",
+      "plan_chatgpt_ads_readiness",
       "feedback_stats",
       "diagnose_failure",
       "list_harnesses",
@@ -192,6 +212,11 @@
       "retrieve_lessons",
       "search_thumbgate",
       "plan_context_footprint",
+      "plan_agent_design_governance",
+      "plan_proactive_agent_eval_guardrails",
+      "plan_reward_hacking_guardrails",
+      "plan_oss_pr_opportunity_scout",
+      "plan_chatgpt_ads_readiness",
       "diagnose_failure",
       "list_intents",
       "plan_intent",

package/config/model-candidates.json

@@ -23,17 +23,20 @@
     "long-trace-review": {
       "label": "Long trace review",
       "summary": "Review long agent traces, multi-step failures, and large-context coding sessions without dropping important detail.",
-      "desiredStrengths": ["long-horizon-coding", "multi-agent", "reliability"],
+      "desiredStrengths": ["long-horizon-coding", "multi-agent", "reliability", "long-context"],
       "targetContextWindow": 128000,
       "benchmarkCommands": [
         "npx thumbgate eval --from-feedback --json --min-score=0",
         "node scripts/gate-eval.js run",
-        "npx thumbgate bench --json --min-score=90"
+        "npx thumbgate bench --json --min-score=90",
+        "npx thumbgate deepseek-v4-runtime-guardrails --context-tokens=900000 --hybrid-attention --speculative-decoding --json"
       ],
       "metrics": [
         "passRate",
         "longContextReliability",
         "traceCompressionLoss",
+        "cacheCoherencePassRate",
+        "speculativeAcceptLength",
         "medianLatencyMs",
         "costPerTraceUsd"
       ]
@@ -54,9 +57,63 @@
         "costPer1kActionsUsd",
         "escalationRate"
       ]
+    },
+    "dashboard-analysis": {
+      "label": "Dashboard and dataset analysis",
+      "summary": "Evaluate frontier models for dataset analysis, chart generation, dashboard planning, and proof-backed insight quality before routing expensive analytical work.",
+      "desiredStrengths": ["data-analysis", "dashboard-creation", "charting", "long-context", "reliability"],
+      "targetContextWindow": 200000,
+      "benchmarkCommands": [
+        "npx thumbgate eval --from-feedback --json --min-score=0",
+        "node scripts/gate-eval.js run",
+        "npx thumbgate bench --json --min-score=90"
+      ],
+      "metrics": [
+        "insightAccuracy",
+        "chartSpecValidity",
+        "dashboardCompleteness",
+        "longContextReliability",
+        "medianLatencyMs",
+        "costPerAnalysisUsd"
+      ]
     }
   },
   "candidates": [
+    {
+      "id": "self-hosted/deepseek-v4-flash-sglang",
+      "vendor": "DeepSeek",
+      "family": "deepseek",
+      "provider": "self-hosted",
+      "gateway": "sglang",
+      "model": "deepseek-v4-flash",
+      "contextWindow": 1000000,
+      "costClass": "medium",
+      "strengths": ["long-context", "fast-inference", "reliability", "long-horizon-coding"],
+      "notes": "Self-hosted long-context candidate for teams that can operate SGLang-class sparse-attention serving. Requires ThumbGate runtime guardrails before routing production traces."
+    },
+    {
+      "id": "self-hosted/deepseek-v4-pro-sglang",
+      "vendor": "DeepSeek",
+      "family": "deepseek",
+      "provider": "self-hosted",
+      "gateway": "sglang",
+      "model": "deepseek-v4-pro",
+      "contextWindow": 1000000,
+      "costClass": "high",
+      "strengths": ["long-context", "reliability", "long-horizon-coding", "multi-agent"],
+      "notes": "High-capacity self-hosted candidate for long-trace review and verified-RL experiments. Benchmark cache coherence, speculative decoding, KV offload, and train-inference drift before use."
+    },
+    {
+      "id": "openai/gpt-5.5",
+      "vendor": "OpenAI",
+      "family": "gpt",
+      "provider": "openai",
+      "model": "gpt-5.5",
+      "contextWindow": 1000000,
+      "costClass": "high",
+      "strengths": ["agentic-coding", "tool-use", "reliability", "long-context", "data-analysis", "dashboard-creation", "charting"],
+      "notes": "Frontier candidate for complex reasoning, coding, dataset analysis, and dashboard workflows. Benchmark before routing high-volume or cost-sensitive work."
+    },
     {
       "id": "anthropic/claude-haiku-4-5",
       "vendor": "Anthropic",

package/config/model-tiers.json

@@ -3,18 +3,21 @@
   "tiers": {
     "nano": {
       "label": "GPT-5.4 nano",
+      "modelId": "gpt-5.4-nano",
       "taskTypes": ["classification", "extraction", "ranking", "labeling", "summarization"],
       "maxContextTokens": 32000,
       "costMultiplier": 0.1
     },
     "mini": {
       "label": "GPT-5.4 mini",
+      "modelId": "gpt-5.4-mini",
       "taskTypes": ["code-edit", "test-generation", "review", "tool-use", "debugging"],
       "maxContextTokens": 200000,
       "costMultiplier": 0.4
     },
     "frontier": {
-      "label": "GPT-5.4",
+      "label": "GPT-5.5",
+      "modelId": "gpt-5.5",
       "taskTypes": ["architecture", "cross-file", "complex-debugging", "large-context"],
       "maxContextTokens": 1000000,
       "costMultiplier": 1.0,