thumbgate 1.16.13 → 1.16.20

package/scripts/single-use-credential-gate.js

@@ -0,0 +1,182 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * Single-Use Credential Gate
+ *
+ * Converts the Link CLI pattern into local ThumbGate policy: risky agent
+ * actions should request narrow, one-time credentials with synchronous
+ * approval instead of reusing long-lived secrets.
+ */
+
+const crypto = require('node:crypto');
+const path = require('node:path');
+
+const DEFAULT_TTL_SECONDS = 300;
+const RISK_PATTERNS = [
+  { tag: 'purchase', pattern: /\b(buy|buys|buying|purchase|purchases|checkout|payment|gumroad|stripe|card)\b/i },
+  { tag: 'credential', pattern: /\b(token|secret|credential|api[_-]?key|oauth|login)\b/i },
+  { tag: 'deploy', pattern: /\b(deploy|production|railway|release)\b/i },
+  { tag: 'external-write', pattern: /\b(post|reply|send|email|upload|publish|create order)\b/i },
+];
+
+function planSingleUseCredentialRequest(action = {}, options = {}) {
+  const text = buildActionText(action);
+  const riskTags = RISK_PATTERNS.filter((item) => item.pattern.test(text)).map((item) => item.tag);
+  const highRisk = riskTags.length > 0 || Boolean(action.requiresCredential);
+  const scope = normalizeScope(action.scope || inferScope(text));
+  const ttlSeconds = clamp(Number(action.ttlSeconds || options.ttlSeconds || DEFAULT_TTL_SECONDS), 30, 900);
+
+  return {
+    required: highRisk,
+    riskTags,
+    scope,
+    ttlSeconds,
+    singleUse: true,
+    approvalMode: highRisk ? 'synchronous' : 'not-required',
+    approvalPrompt: highRisk
+      ? `Approve one-time credential for ${scope.resource} (${scope.operation})? Expires in ${ttlSeconds}s and cannot be reused.`
+      : 'No credential approval required.',
+    deniedReasons: buildDeniedReasons(action, scope),
+  };
+}
+
+function mintCredentialGrant(request = {}, approval = {}) {
+  const approved = Boolean(approval.approved);
+  return {
+    grantId: `cred_${Date.now()}_${crypto.randomBytes(4).toString('hex')}`,
+    approved,
+    singleUse: request.singleUse !== false,
+    scope: normalizeScope(request.scope),
+    issuedAt: new Date().toISOString(),
+    expiresAt: new Date(Date.now() + (Number(request.ttlSeconds || DEFAULT_TTL_SECONDS) * 1000)).toISOString(),
+    approvedBy: approval.approvedBy || null,
+    approvalEvidence: approval.evidence || null,
+    usedAt: null,
+  };
+}
+
+function evaluateCredentialUse(grant = {}, action = {}, now = new Date()) {
+  const reasons = [];
+  if (!grant.approved) reasons.push('credential_not_approved');
+  if (!grant.singleUse) reasons.push('credential_not_single_use');
+  if (grant.usedAt) reasons.push('credential_already_used');
+  if (grant.expiresAt && new Date(grant.expiresAt).getTime() < now.getTime()) reasons.push('credential_expired');
+
+  const actionScope = normalizeScope(action.scope || inferScope(buildActionText(action)));
+  const grantScope = normalizeScope(grant.scope);
+  if (!scopeAllows(grantScope, actionScope)) reasons.push('credential_scope_mismatch');
+
+  return {
+    allowed: reasons.length === 0,
+    reasons,
+    grantId: grant.grantId || null,
+    requiredScope: actionScope,
+    grantedScope: grantScope,
+  };
+}
+
+function markCredentialUsed(grant = {}, now = new Date()) {
+  return {
+    ...grant,
+    usedAt: now.toISOString(),
+  };
+}
+
+function buildActionText(action = {}) {
+  return [
+    action.command,
+    action.intent,
+    action.description,
+    action.url,
+    ...(action.tags || []),
+  ].filter(Boolean).join(' ');
+}
+
+function inferScope(text = '') {
+  if (/\b(stripe|checkout|payment|card)\b/i.test(text)) return { resource: 'payments', operation: 'write' };
+  if (/\b(gumroad|buy|buys|buying|purchase|purchases)\b/i.test(text)) return { resource: 'purchase', operation: 'create' };
+  if (/\b(deploy|railway|production)\b/i.test(text)) return { resource: 'deployment', operation: 'write' };
+  if (/\b(post|reply|email|send|publish)\b/i.test(text)) return { resource: 'external-message', operation: 'send' };
+  return { resource: 'local', operation: 'read' };
+}
+
+function normalizeScope(scope = {}) {
+  if (typeof scope === 'string') {
+    const [resource, operation = 'use'] = scope.split(':');
+    return { resource: resource || 'local', operation };
+  }
+  return {
+    resource: String(scope.resource || 'local'),
+    operation: String(scope.operation || 'read'),
+  };
+}
+
+function scopeAllows(granted, required) {
+  if (granted.resource === '*') return true;
+  if (granted.resource !== required.resource) return false;
+  return granted.operation === '*' || granted.operation === required.operation;
+}
+
+function buildDeniedReasons(action, scope) {
+  const reasons = [];
+  if (action.persistent === true) reasons.push('persistent_credentials_not_allowed');
+  if (scope.resource === '*' || scope.operation === '*') reasons.push('credential_scope_too_broad');
+  return reasons;
+}
+
+function clamp(value, min, max) {
+  if (!Number.isFinite(value)) return min;
+  return Math.min(max, Math.max(min, value));
+}
+
+function formatCredentialPlan(plan = {}) {
+  return [
+    '# Single-Use Credential Plan',
+    '',
+    `Required: ${plan.required ? 'yes' : 'no'}`,
+    `Approval mode: ${plan.approvalMode}`,
+    `Scope: ${plan.scope?.resource}:${plan.scope?.operation}`,
+    `TTL seconds: ${plan.ttlSeconds}`,
+    `Denied reasons: ${(plan.deniedReasons || []).join(', ') || 'none'}`,
+    '',
+    plan.approvalPrompt || '',
+    '',
+  ].join('\n');
+}
+
+function parseArgs(argv = process.argv.slice(2)) {
+  const args = { command: argv[0] || 'plan', intent: '' };
+  for (const arg of argv.slice(1)) {
+    if (arg.startsWith('--intent=')) args.intent = arg.slice('--intent='.length);
+    if (arg.startsWith('--action=')) args.intent = arg.slice('--action='.length);
+    if (arg.startsWith('--description=')) args.description = arg.slice('--description='.length);
+    if (arg.startsWith('--scope=')) args.scope = arg.slice('--scope='.length);
+  }
+  return args;
+}
+
+function isCliInvocation(argv = process.argv) {
+  return Boolean(argv[1] && path.resolve(argv[1]) === __filename);
+}
+
+if (isCliInvocation()) {
+  const args = parseArgs();
+  const plan = planSingleUseCredentialRequest(args);
+  if (args.command === 'json') {
+    console.log(JSON.stringify(plan, null, 2));
+  } else if (args.command === 'plan') {
+    console.log(formatCredentialPlan(plan));
+  } else {
+    console.error(`Unknown command: ${args.command}. Use: plan, json`);
+    process.exit(1);
+  }
+}
+
+module.exports = {
+  evaluateCredentialUse,
+  formatCredentialPlan,
+  markCredentialUsed,
+  mintCredentialGrant,
+  planSingleUseCredentialRequest,
+};

package/scripts/structured-prompt-driven.js

@@ -0,0 +1,226 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * Structured Prompt-Driven Development (SPDD) Gate
+ *
+ * Makes code-generation prompts governable artifacts by requiring a compact
+ * REASONS canvas before risky implementation work proceeds.
+ */
+
+const path = require('node:path');
+
+const FIELD_DEFINITIONS = [
+  ['requirements', 'Problem, business value, scope, and definition of done.'],
+  ['entities', 'Domain nouns, relationships, and data contracts.'],
+  ['approach', 'Strategy for satisfying the requirements.'],
+  ['structure', 'Files, modules, dependencies, and integration boundaries.'],
+  ['operations', 'Concrete, testable implementation steps.'],
+  ['norms', 'Reusable engineering standards and team conventions.'],
+  ['safeguards', 'Non-negotiable constraints, risks, and verification gates.'],
+];
+
+const FIELD_KEYS = FIELD_DEFINITIONS.map(([key]) => key);
+
+function buildReasonsCanvas(input = {}) {
+  const source = typeof input === 'string' ? { request: input } : input;
+  const request = String(source.request || source.story || source.task || '').trim();
+  const canvas = {};
+
+  for (const key of FIELD_KEYS) {
+    canvas[key] = normalizeList(source[key]);
+  }
+
+  if (request && canvas.requirements.length === 0) {
+    canvas.requirements.push(request);
+  }
+  if (source.acceptanceCriteria) {
+    canvas.requirements.push(...normalizeList(source.acceptanceCriteria));
+  }
+  if (source.files || source.changedFiles) {
+    canvas.structure.push(...normalizeList(source.files || source.changedFiles));
+  }
+  if (source.tests || source.verification) {
+    canvas.safeguards.push(...normalizeList(source.tests || source.verification).map((item) => `Verification: ${item}`));
+  }
+  if (canvas.norms.length === 0) {
+    canvas.norms.push('Keep prompt, code, and tests synchronized in version control.');
+  }
+  if (canvas.safeguards.length === 0) {
+    canvas.safeguards.push('Do not claim completion without passing verification evidence.');
+  }
+
+  return {
+    title: source.title || inferTitle(request),
+    canvas,
+    source: {
+      request,
+      artifactPath: source.artifactPath || 'docs/prompts/<feature>.reasons.md',
+    },
+  };
+}
+
+function evaluateReasonsCanvas(document = {}, options = {}) {
+  const canvas = document.canvas || document;
+  const gates = [];
+  const missing = FIELD_KEYS.filter((key) => normalizeList(canvas[key]).length === 0);
+
+  for (const key of missing) {
+    gates.push({
+      id: `missing-${key}`,
+      severity: key === 'requirements' || key === 'safeguards' ? 'block' : 'warn',
+      reason: `${labelFor(key)} is empty; the agent lacks a governed ${key} boundary.`,
+    });
+  }
+
+  const operations = normalizeList(canvas.operations);
+  if (operations.length > 0 && !operations.some(isTestableOperation)) {
+    gates.push({
+      id: 'operations-not-testable',
+      severity: 'block',
+      reason: 'At least one operation must be concrete and testable before code generation.',
+    });
+  }
+
+  const safeguards = normalizeList(canvas.safeguards).join('\n');
+  if (!/\b(tests?|verify|verification|evidence|gate|security|privacy|rollback|performance)\b/i.test(safeguards)) {
+    gates.push({
+      id: 'safeguards-without-verification',
+      severity: 'block',
+      reason: 'Safeguards must name verification, evidence, or non-negotiable risk controls.',
+    });
+  }
+
+  const changedFiles = normalizeList(options.changedFiles);
+  const structure = normalizeList(canvas.structure).join('\n');
+  if (changedFiles.length > 0 && !changedFiles.some((file) => structure.includes(file) || structure.includes(path.basename(file)))) {
+    gates.push({
+      id: 'code-prompt-drift',
+      severity: 'warn',
+      reason: 'Changed files are not represented in the prompt structure; sync the canvas before review.',
+    });
+  }
+
+  const hardBlocks = gates.filter((gate) => gate.severity === 'block');
+  const warnings = gates.filter((gate) => gate.severity === 'warn');
+  return {
+    allowed: hardBlocks.length === 0,
+    score: Math.max(0, 100 - (hardBlocks.length * 30) - (warnings.length * 10)),
+    gates,
+    missing,
+    recommendation: hardBlocks.length
+      ? 'Fix the structured prompt before generating or merging code.'
+      : warnings.length
+        ? 'Proceed only after syncing prompt drift and documenting review evidence.'
+        : 'Structured prompt is ready for code generation and review.',
+  };
+}
+
+function buildPromptSyncPlan(document = {}, changes = {}) {
+  const evaluation = evaluateReasonsCanvas(document, changes);
+  const changedFiles = normalizeList(changes.changedFiles);
+  const verification = normalizeList(changes.verification || changes.tests);
+  return {
+    promptFirst: evaluation.allowed,
+    artifactPath: document.source?.artifactPath || changes.artifactPath || 'docs/prompts/<feature>.reasons.md',
+    requiredUpdates: [
+      ...(evaluation.gates || []).map((gate) => gate.id),
+      ...(changedFiles.length ? ['sync-structure-with-changed-files'] : []),
+      ...(verification.length ? ['attach-verification-evidence'] : ['add-verification-evidence']),
+    ],
+    reviewChecklist: [
+      'Review intent and scope before reviewing code diff.',
+      'Confirm operations map to focused tests.',
+      'Update the canvas when implementation reality diverges.',
+      'Store prompt artifact beside the feature or PR evidence.',
+    ],
+  };
+}
+
+function formatReasonsCanvas(document = {}, evaluation = evaluateReasonsCanvas(document)) {
+  const canvas = document.canvas || document;
+  return [
+    `# ${document.title || 'Structured Prompt Canvas'}`,
+    '',
+    `Artifact: ${document.source?.artifactPath || 'docs/prompts/<feature>.reasons.md'}`,
+    `Readiness: ${evaluation.allowed ? 'ready' : 'blocked'} (${evaluation.score}/100)`,
+    '',
+    ...FIELD_DEFINITIONS.flatMap(([key, description]) => [
+      `## ${labelFor(key)}`,
+      '',
+      `_${description}_`,
+      '',
+      ...renderList(normalizeList(canvas[key])),
+      '',
+    ]),
+    '## Gates',
+    '',
+    ...(evaluation.gates.length ? evaluation.gates.map((gate) => `- ${gate.severity}: ${gate.id} — ${gate.reason}`) : ['- pass: canvas-ready — Structured prompt is complete enough to govern generation.']),
+    '',
+    `Recommendation: ${evaluation.recommendation}`,
+    '',
+  ].join('\n');
+}
+
+function normalizeList(value) {
+  if (!value) return [];
+  if (Array.isArray(value)) return value.map((item) => String(item).trim()).filter(Boolean);
+  return String(value)
+    .split(/\n|;/)
+    .map((item) => item.replace(/^[-*]\s*/, '').trim())
+    .filter(Boolean);
+}
+
+function renderList(items) {
+  return items.length ? items.map((item) => `- ${item}`) : ['- <missing>'];
+}
+
+function labelFor(key) {
+  return key.charAt(0).toUpperCase() + key.slice(1);
+}
+
+function isTestableOperation(operation) {
+  return /\b(add|update|remove|implement|verify|test|run|assert|block|allow|return|emit)\b/i.test(operation);
+}
+
+function inferTitle(request) {
+  if (!request) return 'Structured Prompt Canvas';
+  return request.length > 70 ? `${request.slice(0, 67)}...` : request;
+}
+
+function parseArgs(argv = process.argv.slice(2)) {
+  const args = { command: argv[0] || 'canvas', request: '' };
+  for (const arg of argv.slice(1)) {
+    if (arg.startsWith('--request=')) args.request = arg.slice('--request='.length);
+    if (arg.startsWith('--file=')) args.files = [...(args.files || []), arg.slice('--file='.length)];
+    if (arg.startsWith('--test=')) args.tests = [...(args.tests || []), arg.slice('--test='.length)];
+    if (arg.startsWith('--operation=')) args.operations = [...(args.operations || []), arg.slice('--operation='.length)];
+    if (arg.startsWith('--safeguard=')) args.safeguards = [...(args.safeguards || []), arg.slice('--safeguard='.length)];
+  }
+  return args;
+}
+
+function isCliInvocation(argv = process.argv) {
+  return Boolean(argv[1] && path.resolve(argv[1]) === __filename);
+}
+
+if (isCliInvocation()) {
+  const args = parseArgs();
+  const document = buildReasonsCanvas(args);
+  const evaluation = evaluateReasonsCanvas(document, { changedFiles: args.files });
+  if (args.command === 'json') {
+    console.log(JSON.stringify({ document, evaluation, syncPlan: buildPromptSyncPlan(document, { changedFiles: args.files, tests: args.tests }) }, null, 2));
+  } else if (args.command === 'canvas') {
+    console.log(formatReasonsCanvas(document, evaluation));
+  } else {
+    console.error(`Unknown command: ${args.command}. Use: canvas, json`);
+    process.exit(1);
+  }
+}
+
+module.exports = {
+  buildPromptSyncPlan,
+  buildReasonsCanvas,
+  evaluateReasonsCanvas,
+  formatReasonsCanvas,
+};

package/scripts/telemetry-analytics.js

@@ -19,6 +19,7 @@ const MARKETING_CLICK_EVENT_TYPES = new Set([
   'cta_click',
   'checkout_start',
   'checkout_bootstrap',
+  'checkout_interstitial_cta_clicked',
   'chatgpt_gpt_open',
   'chatgpt_gpt_click',
   'install_guide_click',
@@ -324,6 +325,7 @@ function sanitizeTelemetryPayload(payload = {}, headers = {}) {
     maxScrollPercent: normalizeInteger(raw.maxScrollPercent ?? raw.scrollPercent),
     buyerEmailFocused: Boolean(raw.buyerEmailFocused),
     buyerEmailCaptured: Boolean(raw.buyerEmailCaptured),
+    checkoutIntentClassification: pickFirstText(raw.checkoutIntentClassification),
     trafficChannel: inferTrafficChannel(raw, referrerHost),
     failureCode: pickFirstText(raw.failureCode),
     httpStatus: normalizeInteger(raw.httpStatus),
@@ -344,9 +346,31 @@ function appendTelemetryEvent(feedbackDir, payload = {}, headers = {}) {
   return entry;
 }
 
-function loadTelemetryEventsFromPath(filePath) {
-  if (!fs.existsSync(filePath)) return [];
-  const raw = fs.readFileSync(filePath, 'utf-8').trim();
+const DEFAULT_BOUNDED_TELEMETRY_TAIL_BYTES = 8 * 1024 * 1024;
+
+function readTelemetryText(filePath, options = {}) {
+  if (!fs.existsSync(filePath)) return '';
+  const maxBytes = Number(options.maxBytes || 0);
+  if (maxBytes > 0) {
+    const stats = fs.statSync(filePath);
+    if (stats.size > maxBytes) {
+      const fd = fs.openSync(filePath, 'r');
+      try {
+        const buffer = Buffer.alloc(maxBytes);
+        fs.readSync(fd, buffer, 0, maxBytes, stats.size - maxBytes);
+        const text = buffer.toString('utf-8');
+        const firstNewline = text.indexOf('\n');
+        return firstNewline >= 0 ? text.slice(firstNewline + 1) : text;
+      } finally {
+        fs.closeSync(fd);
+      }
+    }
+  }
+  return fs.readFileSync(filePath, 'utf-8');
+}
+
+function loadTelemetryEventsFromPath(filePath, options = {}) {
+  const raw = readTelemetryText(filePath, options).trim();
   if (!raw) return [];
   return raw
     .split('\n')
@@ -365,13 +389,13 @@ function loadTelemetryEventsFromPath(filePath) {
     .filter(Boolean);
 }
 
-function loadTelemetryEvents(feedbackDir) {
+function loadTelemetryEvents(feedbackDir, options = {}) {
   const diagnostics = getTelemetrySourceDiagnostics(feedbackDir);
   const merged = [];
   const seen = new Set();
 
   for (const filePath of diagnostics.activePaths) {
-    const rows = loadTelemetryEventsFromPath(filePath);
+    const rows = loadTelemetryEventsFromPath(filePath, options);
     for (const row of rows) {
       const key = JSON.stringify(row);
       if (seen.has(key)) continue;
@@ -406,8 +430,11 @@ function summarizeRecentEvents(events) {
 
 function getTelemetrySummary(feedbackDir, options = {}) {
   const analyticsWindow = resolveAnalyticsWindow(options);
+  const telemetryLoadOptions = analyticsWindow.bounded
+    ? { maxBytes: Number(options.telemetryTailBytes || DEFAULT_BOUNDED_TELEMETRY_TAIL_BYTES) }
+    : {};
   const events = filterEntriesForWindow(
-    loadTelemetryEvents(feedbackDir),
+    loadTelemetryEvents(feedbackDir, telemetryLoadOptions),
     analyticsWindow,
     (entry) => entry && (entry.receivedAt || entry.timestamp)
   );
@@ -465,6 +492,14 @@ function getTelemetrySummary(feedbackDir, options = {}) {
   let ctaClicks = 0;
   let ctaImpressions = 0;
   let checkoutStarts = 0;
+  let checkoutInterstitialViews = 0;
+  let checkoutBotDeflections = 0;
+  let checkoutInterstitialClicks = 0;
+  let checkoutInterstitialProConfirms = 0;
+  let checkoutInterstitialWorkflowIntakeClicks = 0;
+  let checkoutInterstitialTeamPathClicks = 0;
+  let checkoutInterstitialDiagnosticCheckoutClicks = 0;
+  let checkoutInterstitialWorkflowSprintCheckoutClicks = 0;
   let checkoutFailures = 0;
   let checkoutCancelled = 0;
   let checkoutAbandoned = 0;
@@ -536,6 +571,29 @@ function getTelemetrySummary(feedbackDir, options = {}) {
         }
       }
 
+      if ((entry.eventType || entry.event) === 'checkout_interstitial_view') {
+        checkoutInterstitialViews += 1;
+      }
+
+      if ((entry.eventType || entry.event) === 'checkout_bot_deflected') {
+        checkoutBotDeflections += 1;
+      }
+
+      if ((entry.eventType || entry.event) === 'checkout_interstitial_cta_clicked') {
+        checkoutInterstitialClicks += 1;
+        if (entry.ctaId === 'pro_checkout_confirmed') {
+          checkoutInterstitialProConfirms += 1;
+        } else if (entry.ctaId === 'workflow_sprint_intake') {
+          checkoutInterstitialWorkflowIntakeClicks += 1;
+        } else if (entry.ctaId === 'team_paid_path') {
+          checkoutInterstitialTeamPathClicks += 1;
+        } else if (entry.ctaId === 'sprint_diagnostic_checkout') {
+          checkoutInterstitialDiagnosticCheckoutClicks += 1;
+        } else if (entry.ctaId === 'workflow_sprint_checkout') {
+          checkoutInterstitialWorkflowSprintCheckoutClicks += 1;
+        }
+      }
+
       if ((entry.eventType || entry.event) === 'checkout_start' || (entry.eventType || entry.event) === 'checkout_bootstrap') {
         checkoutStarts += 1;
         incrementCounter(checkoutStartsBySource, entry.source);
@@ -712,11 +770,15 @@ function getTelemetrySummary(feedbackDir, options = {}) {
       installCopies,
       gptOpens,
       checkoutStarts,
+      checkoutInterstitialViews,
+      checkoutInterstitialClicks,
       trialEmails,
       proConversions,
       landingToInstallCopyRate: safeRate(installCopies, pageViews),
       landingToGptOpenRate: safeRate(gptOpens, pageViews),
       landingToCheckoutRate: safeRate(checkoutStarts, pageViews),
+      checkoutInterstitialClickRate: safeRate(checkoutInterstitialClicks, checkoutInterstitialViews),
+      checkoutInterstitialProConfirmRate: safeRate(checkoutInterstitialProConfirms, checkoutInterstitialViews),
       checkoutToTrialEmailRate: safeRate(trialEmails, checkoutStarts),
       checkoutToProConversionRate: safeRate(proConversions, checkoutStarts),
     },
@@ -728,6 +790,14 @@ function getTelemetrySummary(feedbackDir, options = {}) {
       pageViews,
       ctaClicks,
       checkoutStarts,
+      checkoutInterstitialViews,
+      checkoutBotDeflections,
+      checkoutInterstitialClicks,
+      checkoutInterstitialProConfirms,
+      checkoutInterstitialWorkflowIntakeClicks,
+      checkoutInterstitialTeamPathClicks,
+      checkoutInterstitialDiagnosticCheckoutClicks,
+      checkoutInterstitialWorkflowSprintCheckoutClicks,
       checkoutFailures,
       checkoutCancelled,
       checkoutAbandoned,
@@ -890,6 +960,14 @@ function getTelemetryAnalytics(feedbackDir, options = {}) {
     ctas: {
       totalClicks: summary.web.ctaClicks,
       checkoutStarts: summary.web.checkoutStarts,
+      checkoutInterstitialViews: summary.web.checkoutInterstitialViews,
+      checkoutBotDeflections: summary.web.checkoutBotDeflections,
+      checkoutInterstitialClicks: summary.web.checkoutInterstitialClicks,
+      checkoutInterstitialProConfirms: summary.web.checkoutInterstitialProConfirms,
+      checkoutInterstitialWorkflowIntakeClicks: summary.web.checkoutInterstitialWorkflowIntakeClicks,
+      checkoutInterstitialTeamPathClicks: summary.web.checkoutInterstitialTeamPathClicks,
+      checkoutInterstitialDiagnosticCheckoutClicks: summary.web.checkoutInterstitialDiagnosticCheckoutClicks,
+      checkoutInterstitialWorkflowSprintCheckoutClicks: summary.web.checkoutInterstitialWorkflowSprintCheckoutClicks,
       uniqueCheckoutStarters: summary.web.uniqueCheckoutStarters,
       checkoutFailures: summary.web.checkoutFailures,
       checkoutCancelled: summary.web.checkoutCancelled,
@@ -925,6 +1003,30 @@ function getTelemetryAnalytics(feedbackDir, options = {}) {
       pageViewToCheckoutRate: summary.web.pageViewToCheckoutRate,
       visitorToCheckoutRate: summary.web.visitorToCheckoutRate,
       clickToCheckoutRate: safeRate(summary.web.checkoutStarts, summary.web.ctaClicks),
+      checkoutInterstitialClickRate: safeRate(
+        summary.web.checkoutInterstitialClicks,
+        summary.web.checkoutInterstitialViews
+      ),
+      checkoutInterstitialProConfirmRate: safeRate(
+        summary.web.checkoutInterstitialProConfirms,
+        summary.web.checkoutInterstitialViews
+      ),
+      checkoutInterstitialWorkflowIntakeRate: safeRate(
+        summary.web.checkoutInterstitialWorkflowIntakeClicks,
+        summary.web.checkoutInterstitialViews
+      ),
+      checkoutInterstitialTeamPathRate: safeRate(
+        summary.web.checkoutInterstitialTeamPathClicks,
+        summary.web.checkoutInterstitialViews
+      ),
+      checkoutInterstitialDiagnosticCheckoutRate: safeRate(
+        summary.web.checkoutInterstitialDiagnosticCheckoutClicks,
+        summary.web.checkoutInterstitialViews
+      ),
+      checkoutInterstitialWorkflowSprintCheckoutRate: safeRate(
+        summary.web.checkoutInterstitialWorkflowSprintCheckoutClicks,
+        summary.web.checkoutInterstitialViews
+      ),
       cancellationRate: safeRate(summary.web.checkoutCancelled, summary.web.checkoutStarts),
       abandonmentRate: safeRate(summary.web.checkoutAbandoned, summary.web.checkoutStarts),
       paidConfirmationRate: safeRate(summary.web.checkoutPaidConfirmations, summary.web.checkoutStarts),