thumbgate 1.18.0 → 1.20.0

package/public/federal.html

@@ -0,0 +1,375 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+__GOOGLE_SITE_VERIFICATION_META__
+<title>ThumbGate for Federal Agencies | Auditable pre-action gates for AI coding agents</title>
+<meta name="description" content="ThumbGate is a pre-action enforcement layer for AI coding agents used inside federal agencies. Auditable agent behavior, agency-owned policy, vendor-neutral. Pilot-ready posture mapped to NIST 800-53 and OMB M-24-10.">
+<meta property="og:title" content="ThumbGate for Federal Agencies">
+<meta property="og:description" content="Auditable pre-action gates for AI coding agents inside federal agencies. Maps to NIST 800-53 (AC-3, AU-2/3/12, CM-3, IR-4, SI-4) and OMB M-24-10. Air-gapped deployment via ThumbGate-Core gov mode.">
+<meta property="og:type" content="website">
+<meta property="og:url" content="__APP_ORIGIN__/federal">
+<link rel="canonical" href="__APP_ORIGIN__/federal">
+<link rel="icon" type="image/png" href="/thumbgate-icon.png">
+<link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg">
+<meta property="og:image" content="/og.png">
+<meta name="keywords" content="ThumbGate federal, AI agent governance federal, NIST 800-53 AI agent, OMB M-24-10, EO 14110, FedRAMP AI coding agent, federal AI use case inventory, agent audit log, agency AI policy enforcement, Bedrock GovCloud, Azure Government AI, SBIR AI governance">
+
+<script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
+__GA_BOOTSTRAP__
+
+<script>
+  const gaMeasurementId = '__GA_MEASUREMENT_ID__';
+  const serverVisitorId = '__SERVER_VISITOR_ID__';
+  const serverSessionId = '__SERVER_SESSION_ID__';
+  const serverAcquisitionId = '__SERVER_ACQUISITION_ID__';
+  const serverTelemetryCaptured = '__SERVER_TELEMETRY_CAPTURED__' === 'true';
+</script>
+
+<script type="application/ld+json">
+{
+  "@context": "https://schema.org",
+  "@type": "SoftwareApplication",
+  "name": "ThumbGate for Federal Agencies",
+  "applicationCategory": "DeveloperApplication",
+  "operatingSystem": "Cross-platform, Node.js >=18.18.0",
+  "description": "Pre-action enforcement layer for AI coding agents used inside federal agencies. Produces auditable agent behavior evidence mapped to NIST 800-53 Rev 5 and OMB M-24-10. Vendor-neutral across Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode.",
+  "url": "__APP_ORIGIN__/federal",
+  "dateModified": "2026-05-13",
+  "creator": { "@type": "Person", "name": "Igor Ganapolsky", "url": "https://github.com/IgorGanapolsky" },
+  "audience": { "@type": "Audience", "audienceType": "Federal agency AI use-case owners, CIOs, CTOs, SBIR program managers, federal systems integrators" }
+}
+</script>
+
+<script type="application/ld+json">
+{
+  "@context": "https://schema.org",
+  "@type": "FAQPage",
+  "mainEntity": [
+    { "@type": "Question", "name": "Is ThumbGate FedRAMP authorized?", "acceptedAnswer": { "@type": "Answer", "text": "Not yet. ThumbGate has a pilot-ready posture and is targeting FedRAMP Low baseline via agency sponsorship. ThumbGate-Core gov mode supports on-prem and government cloud deployment for pilot work in research enclaves and innovation labs." } },
+    { "@type": "Question", "name": "Does ThumbGate require sending agency data to a public LLM?", "acceptedAnswer": { "@type": "Answer", "text": "No. ThumbGate-Core gov mode routes all model calls through Bedrock GovCloud or Azure Government. Air-gapped installs are supported with no telemetry and no auto-update. The enforcement engine itself runs locally and does not require any model call to make a gate decision." } },
+    { "@type": "Question", "name": "Which NIST 800-53 controls does ThumbGate produce evidence for?", "acceptedAnswer": { "@type": "Answer", "text": "AC-3, AC-6, AU-2, AU-3, AU-12, CM-3, CM-7, IR-4, RA-5, SI-4, and SI-7. Full mapping is published in the public docs/FEDERAL.md document on GitHub." } },
+    { "@type": "Question", "name": "How does ThumbGate align with OMB M-24-10?", "acceptedAnswer": { "@type": "Answer", "text": "Gate-decision telemetry produces a continuous AI use-case inventory required under §5(a). Pre-action evidence gates enforce minimum risk-management practices required under §5(c) for safety- and rights-impacting AI. Structured audit logs are exportable for the §5(d) annual disclosure cycle." } },
+    { "@type": "Question", "name": "Does using ThumbGate inside an agency affect open-source contributors?", "acceptedAnswer": { "@type": "Answer", "text": "No. Federal capabilities are an additive Core deployment profile, not a fork. The open-source ThumbGate that developers install from npm is byte-identical regardless of any federal work happening in ThumbGate-Core. Five architectural invariants protecting the dev product are pinned by regression tests." } },
+    { "@type": "Question", "name": "What does a pilot look like?", "acceptedAnswer": { "@type": "Answer", "text": "A 30-minute scoping call to identify one agent workflow inside the agency. ThumbGate-Core gov mode installed in an isolated environment. Two weeks of monitored gate decisions on a real workflow. A written report covering captured behavior, blocked actions, and NIST control evidence produced. No procurement vehicle required for Phase 0/1." } },
+    { "@type": "Question", "name": "Is there a federal RAG product?", "acceptedAnswer": { "@type": "Answer", "text": "Not yet, and not on speculation. RAG over agency policy or document corpora will be built when a pilot agency names a specific use case. The supporting pieces (vector store, embeddings, reranker, hallucination detector) already exist as agency-neutral building blocks." } }
+  ]
+}
+</script>
+
+<style>
+  *, *::before, *::after { box-sizing: border-box; }
+  :root {
+    --bg: #0a0a0b;
+    --bg-raised: #111113;
+    --bg-card: #161618;
+    --border: #232327;
+    --text: #ececf1;
+    --text-muted: #9a9aa6;
+    --cyan: #22d3ee;
+    --cyan-dim: rgba(34, 211, 238, 0.12);
+    --cyan-glow: rgba(34, 211, 238, 0.22);
+    --green: #4ade80;
+    --green-dim: rgba(74, 222, 128, 0.12);
+    --amber: #fbbf24;
+    --amber-dim: rgba(251, 191, 36, 0.12);
+    --red: #f87171;
+    --font: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Inter', Roboto, sans-serif;
+    --mono: 'SF Mono', 'Cascadia Code', 'JetBrains Mono', 'Fira Code', Consolas, monospace;
+  }
+  html { scroll-behavior: smooth; }
+  body {
+    margin: 0;
+    font-family: var(--font);
+    background:
+      radial-gradient(circle at top, rgba(34, 211, 238, 0.16) 0%, rgba(34, 211, 238, 0) 28%),
+      linear-gradient(180deg, #0a0a0b 0%, #0d1016 48%, #0a0a0b 100%);
+    color: var(--text);
+    line-height: 1.6;
+    -webkit-font-smoothing: antialiased;
+  }
+  a { color: inherit; }
+  .container { max-width: 1040px; margin: 0 auto; padding: 0 24px; }
+  nav {
+    position: sticky; top: 0; z-index: 50;
+    backdrop-filter: blur(12px);
+    background: rgba(10, 10, 11, 0.86);
+    border-bottom: 1px solid rgba(35, 35, 39, 0.92);
+  }
+  nav .container { min-height: 68px; display: flex; align-items: center; justify-content: space-between; gap: 20px; }
+  .nav-logo { font-size: 15px; font-weight: 700; letter-spacing: -0.02em; text-decoration: none; display: inline-flex; align-items: center; gap: 8px; }
+  .nav-logo .logo-mark { width: 28px; height: 28px; display: block; }
+  .nav-logo span { color: var(--cyan); }
+  .nav-links { display: flex; gap: 18px; flex-wrap: wrap; align-items: center; }
+  .nav-links a { color: var(--text-muted); text-decoration: none; font-size: 13px; }
+  .nav-links a:hover { color: var(--text); }
+
+  header.hero { padding: 80px 0 56px; }
+  .eyebrow {
+    display: inline-block;
+    color: var(--cyan);
+    background: var(--cyan-dim);
+    border: 1px solid rgba(34, 211, 238, 0.3);
+    padding: 6px 12px;
+    border-radius: 999px;
+    font-size: 12px;
+    font-weight: 600;
+    letter-spacing: 0.04em;
+    text-transform: uppercase;
+    margin-bottom: 20px;
+  }
+  h1 { font-size: 44px; line-height: 1.1; letter-spacing: -0.02em; margin: 0 0 20px; }
+  h1 .accent { color: var(--cyan); }
+  .lede { font-size: 18px; color: var(--text-muted); max-width: 720px; margin: 0 0 28px; }
+  .cta-row { display: flex; gap: 12px; flex-wrap: wrap; }
+  .btn-primary, .btn-secondary {
+    display: inline-flex; align-items: center; gap: 8px;
+    padding: 12px 20px; border-radius: 8px; font-weight: 600; font-size: 14px;
+    text-decoration: none; transition: transform 80ms ease, box-shadow 80ms ease;
+  }
+  .btn-primary { background: var(--cyan); color: #001016; box-shadow: 0 8px 24px var(--cyan-glow); }
+  .btn-primary:hover { transform: translateY(-1px); }
+  .btn-secondary { border: 1px solid var(--border); color: var(--text); background: var(--bg-raised); }
+  .btn-secondary:hover { border-color: var(--cyan); color: var(--cyan); }
+
+  section { padding: 56px 0; border-top: 1px solid var(--border); }
+  section h2 { font-size: 28px; letter-spacing: -0.015em; margin: 0 0 12px; }
+  section h2 .accent { color: var(--cyan); }
+  section p.section-lede { color: var(--text-muted); font-size: 15px; max-width: 760px; margin: 0 0 28px; }
+
+  .grid-3 { display: grid; grid-template-columns: repeat(auto-fit, minmax(280px, 1fr)); gap: 16px; }
+  .card { background: var(--bg-card); border: 1px solid var(--border); border-radius: 12px; padding: 20px; }
+  .card h3 { font-size: 16px; margin: 0 0 8px; color: var(--cyan); letter-spacing: -0.01em; }
+  .card p { font-size: 14px; color: var(--text-muted); margin: 0; }
+
+  table.compliance { width: 100%; border-collapse: collapse; font-size: 14px; margin-top: 8px; }
+  table.compliance th, table.compliance td { text-align: left; padding: 10px 12px; border-bottom: 1px solid var(--border); vertical-align: top; }
+  table.compliance th { color: var(--text-muted); font-weight: 600; font-size: 12px; letter-spacing: 0.04em; text-transform: uppercase; background: var(--bg-raised); }
+  table.compliance code { font-family: var(--mono); color: var(--cyan); font-size: 12px; }
+  .status-ok { color: var(--green); font-weight: 600; }
+  .status-partial { color: var(--amber); font-weight: 600; }
+  .status-pending { color: var(--text-muted); font-weight: 600; }
+
+  .deployment-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 20px; }
+  @media (max-width: 720px) { .deployment-grid { grid-template-columns: 1fr; } h1 { font-size: 34px; } }
+  .deployment-card { background: var(--bg-card); border: 1px solid var(--border); border-radius: 12px; padding: 24px; }
+  .deployment-card.gov { border-color: rgba(34, 211, 238, 0.4); }
+  .deployment-card h3 { font-size: 18px; margin: 0 0 12px; }
+  .deployment-card ul { padding-left: 18px; color: var(--text-muted); font-size: 14px; margin: 0; }
+  .deployment-card li { margin: 6px 0; }
+
+  .callout {
+    background: var(--bg-raised);
+    border: 1px solid var(--border);
+    border-left: 3px solid var(--cyan);
+    border-radius: 8px;
+    padding: 18px 20px;
+    color: var(--text-muted);
+    font-size: 14px;
+  }
+  .callout strong { color: var(--text); }
+
+  footer { padding: 40px 0 80px; text-align: center; color: var(--text-muted); font-size: 13px; }
+  footer a { color: var(--cyan); text-decoration: none; }
+</style>
+</head>
+<body>
+
+<nav>
+  <div class="container">
+    <a class="nav-logo" href="/">
+      <img class="logo-mark" src="/assets/brand/thumbgate-mark.svg" alt="" />
+      ThumbGate <span>/ federal</span>
+    </a>
+    <div class="nav-links">
+      <a href="#capabilities">Capabilities</a>
+      <a href="#compliance">Compliance</a>
+      <a href="#deployment">Deployment</a>
+      <a href="#engage">Pilot</a>
+      <a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/FEDERAL.md">Docs</a>
+    </div>
+  </div>
+</nav>
+
+<header class="hero">
+  <div class="container">
+    <span class="eyebrow">For Federal Agencies</span>
+    <h1>Auditable <span class="accent">pre-action gates</span> for AI coding agents inside federal agencies.</h1>
+    <p class="lede">
+      Every gate decision is logged with timestamp, actor, action, policy, and evidence — the artifact OMB M-24-10 and EO 14110 ask for, generated continuously. Agency-owned policy. Vendor-neutral across Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode. On-prem or government cloud deployment via ThumbGate-Core gov mode.
+    </p>
+    <div class="cta-row">
+      <a class="btn-primary" href="mailto:iganapolsky@gmail.com?subject=ThumbGate%20federal%20pilot%20scoping">Start a 30-minute scoping call →</a>
+      <a class="btn-secondary" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/FEDERAL.md">Read the technical brief</a>
+    </div>
+  </div>
+</header>
+
+<section id="capabilities">
+  <div class="container">
+    <h2>What an agency actually gets</h2>
+    <p class="section-lede">
+      ThumbGate is a behavioral enforcement layer between AI agents and the tools they invoke. It is not a model, not a model-output evaluator, and not a federal data RAG system. It is the gate that decides whether a tool call leaves the agent's environment.
+    </p>
+    <div class="grid-3">
+      <div class="card">
+        <h3>Auditable agent behavior</h3>
+        <p>Every gate decision is logged with the action attempted, the policy invoked, the evidence required, and the outcome. PII redaction is built in. Logs are exportable in JSON Lines for ingestion into the agency SIEM.</p>
+      </div>
+      <div class="card">
+        <h3>Agency-owned policy</h3>
+        <p>Generic LLM guardrails are vendor-controlled and opaque. ThumbGate policies live in version control inside the agency boundary, are written as code, and are enforced locally before a tool call leaves the dev environment.</p>
+      </div>
+      <div class="card">
+        <h3>Repeated-failure prevention</h3>
+        <p>A thumbs-down from an agency engineer becomes a permanent prevention rule. The same risky action never reaches the model on the next attempt — relevant for cost control and for documenting "we did not let the agent do X" in incident review.</p>
+      </div>
+      <div class="card">
+        <h3>Vendor-neutral</h3>
+        <p>Works with Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode, and any MCP-compatible agent. No lock-in to a single model vendor. Bedrock GovCloud and Azure Government routing supported in gov mode.</p>
+      </div>
+      <div class="card">
+        <h3>Continuous AI use-case inventory</h3>
+        <p>Gate-decision telemetry produces a real-time inventory of which AI tools are actively used, by whom, on what — directly supporting OMB M-24-10 §5(a) and EO 14110 §10.1(b) inventory and risk-categorization requirements.</p>
+      </div>
+      <div class="card">
+        <h3>Air-gap supported</h3>
+        <p>ThumbGate-Core gov mode runs without telemetry, without auto-update, and without any outbound call to thumbgate.ai. Agency keeps the data; ThumbGate provides the enforcement engine and the policy framework.</p>
+      </div>
+    </div>
+  </div>
+</section>
+
+<section id="compliance">
+  <div class="container">
+    <h2>Compliance posture — <span class="accent">the honest current state</span></h2>
+    <p class="section-lede">
+      No FedRAMP marketing badge until authorization is real. Here is what is true today and what the path forward looks like.
+    </p>
+    <table class="compliance">
+      <thead>
+        <tr><th>Item</th><th>Status</th><th>Notes</th></tr>
+      </thead>
+      <tbody>
+        <tr><td>FedRAMP authorization</td><td class="status-pending">Not yet</td><td>Targeting Low baseline via agency sponsorship. Open to civilian agency sponsor conversations.</td></tr>
+        <tr><td>FISMA / NIST 800-53 Rev 5</td><td class="status-partial">Partial mapping</td><td>11 controls directly supported (see below). Public SaaS inherits Railway's controls; Core gov mode runs on-prem.</td></tr>
+        <tr><td>FIPS 140-2/3 validated crypto</td><td class="status-partial">In Core gov mode</td><td>Public ThumbGate uses Node.js native crypto; Core gov mode routes to a FIPS-validated provider on <code>THUMBGATE_DEPLOY=gov</code>.</td></tr>
+        <tr><td>Section 508 accessibility</td><td class="status-partial">Dashboard audit pending</td><td>CLI output and landing pages are screen-reader friendly; full WCAG 2.1 AA audit pending.</td></tr>
+        <tr><td>US persons + US data residency</td><td class="status-ok">Core gov deployments</td><td>Public SaaS runs in US Railway regions; Core gov mode is on-prem or government cloud only.</td></tr>
+        <tr><td>SBOM + supply chain provenance</td><td class="status-ok">Per release</td><td>SBOM and dependency report published with every npm release in <code>proof/</code>.</td></tr>
+        <tr><td>Third-party LLM calls</td><td class="status-partial">Public uses Claude directly</td><td>Core gov mode replaces direct Claude calls with Bedrock GovCloud / Azure Government routing.</td></tr>
+      </tbody>
+    </table>
+
+    <h2 style="margin-top:48px">NIST 800-53 Rev 5 — controls ThumbGate produces evidence for</h2>
+    <table class="compliance">
+      <thead>
+        <tr><th>Family</th><th>Control</th><th>How ThumbGate supports it</th></tr>
+      </thead>
+      <tbody>
+        <tr><td>AC</td><td><code>AC-3</code> Access Enforcement</td><td>PreToolUse hook blocks tool calls that violate policy regardless of operator intent.</td></tr>
+        <tr><td>AC</td><td><code>AC-6</code> Least Privilege</td><td>Per-gate scopes bind agent actions to declared task scope.</td></tr>
+        <tr><td>AU</td><td><code>AU-2 / AU-3 / AU-12</code> Audit Logging</td><td>Every gate decision logged with full payload, PII-redacted, exportable to agency SIEM.</td></tr>
+        <tr><td>CM</td><td><code>CM-3</code> Configuration Change Control</td><td>Branch governance gate requires <code>releaseVersion</code> declaration before release/publish actions.</td></tr>
+        <tr><td>CM</td><td><code>CM-7</code> Least Functionality</td><td>MCP allowlists constrain reachable agent tools per deployment profile.</td></tr>
+        <tr><td>IR</td><td><code>IR-4</code> Incident Handling</td><td>Hallucination detector + claim verification produces evidence trails for post-incident review.</td></tr>
+        <tr><td>RA</td><td><code>RA-5</code> Vulnerability Monitoring</td><td>Security scan surfaces known-bad patterns from the prevention rule library.</td></tr>
+        <tr><td>SI</td><td><code>SI-4 / SI-7</code> System Integrity</td><td>Continuous gate telemetry + integrity-checkable prevention rule corpus.</td></tr>
+      </tbody>
+    </table>
+  </div>
+</section>
+
+<section id="deployment">
+  <div class="container">
+    <h2>Two deployment profiles. <span class="accent">One codebase.</span></h2>
+    <p class="section-lede">
+      Federal capabilities are an additive Core deployment profile, not a fork. The open-source ThumbGate developers install from npm is byte-identical regardless of federal work — pinned by regression tests.
+    </p>
+    <div class="deployment-grid">
+      <div class="deployment-card">
+        <h3>Public ThumbGate <span style="color:var(--text-muted);font-size:13px">— open source</span></h3>
+        <ul>
+          <li><code>npm install thumbgate</code> → local CLI enforcement</li>
+          <li>Railway SaaS dashboard</li>
+          <li>Direct Claude API integration</li>
+          <li>Best for: SBIR Phase I prototyping, agency open-source experimentation, contractor evaluation</li>
+          <li>License: MIT</li>
+        </ul>
+      </div>
+      <div class="deployment-card gov">
+        <h3>ThumbGate-Core <span style="color:var(--cyan);font-size:13px">— gov mode</span></h3>
+        <ul>
+          <li>Activated by <code>THUMBGATE_DEPLOY=gov</code></li>
+          <li>On-prem, AWS GovCloud, or Azure Government install</li>
+          <li>Bedrock GovCloud / Azure Gov LLM routing — no public-internet model calls</li>
+          <li>FIPS-validated crypto provider</li>
+          <li>Audit log sink configurable to agency SIEM</li>
+          <li>Air-gapped install supported</li>
+          <li>Best for: production agency dev environments, ATO-bound deployments</li>
+        </ul>
+      </div>
+    </div>
+
+    <div class="callout" style="margin-top:24px">
+      <strong>Why the boundary matters.</strong> Federal expansion runs through ThumbGate-Core. The public open-source product is the protected invariant: <code>npm i thumbgate</code> on a fresh machine works with zero federal env vars set, public CI passes with Core absent, and no federal code path is reachable without explicit opt-in. Five architectural invariants are pinned by regression tests in <code>tests/public-core-boundary.test.js</code>.
+    </div>
+  </div>
+</section>
+
+<section id="engage">
+  <div class="container">
+    <h2>What a pilot actually looks like</h2>
+    <p class="section-lede">
+      A 30-minute scoping call. One agent workflow inside the agency. Two weeks of monitored gate decisions. A written report with captured behavior, blocked actions, and NIST control evidence. No procurement vehicle required for Phase 0 or Phase 1.
+    </p>
+    <div class="grid-3">
+      <div class="card">
+        <h3>Phase 0 — Now</h3>
+        <p>Public technical brief, NIST control mapping, this page. No agency commitment required. Read the docs, evaluate the open-source release.</p>
+      </div>
+      <div class="card">
+        <h3>Phase 1 — On first call</h3>
+        <p>One-page CIS tailored to the agency authorization boundary. SBOM walkthrough. Air-gapped install rehearsal in a clean VM.</p>
+      </div>
+      <div class="card">
+        <h3>Phase 2 — On signed pilot</h3>
+        <p>Core gov mode install. Bedrock GovCloud / Azure Gov routing. FIPS crypto. Agency SIEM audit-log sink. Two-week monitored evaluation on one workflow.</p>
+      </div>
+      <div class="card">
+        <h3>Phase 3 — On sponsor commitment</h3>
+        <p>FedRAMP Low baseline package preparation. 3PAO engagement. ATO documentation set.</p>
+      </div>
+      <div class="card">
+        <h3>Phase 4 — On named demand</h3>
+        <p>Federal RAG over agency policy corpora. Multimodal retrieval for screenshot / PDF / diagram evidence. Built when an agency names the use case — not on speculation.</p>
+      </div>
+      <div class="card">
+        <h3>Engagement vehicles</h3>
+        <p>SBIR / STTR Phase I and II. Agency innovation pilots. Prime / SI partnership for inclusion in a larger AI governance offering. GSA Schedule path open under agency sponsorship.</p>
+      </div>
+    </div>
+
+    <div style="margin-top:32px;display:flex;gap:12px;flex-wrap:wrap">
+      <a class="btn-primary" href="mailto:iganapolsky@gmail.com?subject=ThumbGate%20federal%20pilot%20scoping">Email for a scoping call →</a>
+      <a class="btn-secondary" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/FEDERAL.md">Read the full technical brief</a>
+    </div>
+  </div>
+</section>
+
+<footer>
+  <div class="container">
+    ThumbGate is built and maintained by <a href="https://github.com/IgorGanapolsky">Igor Ganapolsky</a>.
+    Open source under MIT. Federal capabilities ship via the licensed ThumbGate-Core component.
+    <br>
+    <a href="/">← Back to thumbgate.ai</a>
+    &nbsp;·&nbsp;
+    <a href="https://github.com/IgorGanapolsky/ThumbGate">GitHub</a>
+    &nbsp;·&nbsp;
+    <a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/FEDERAL.md">Federal docs</a>
+  </div>
+</footer>
+
+</body>
+</html>

package/public/guide.html

@@ -353,8 +353,8 @@ npx thumbgate init --agent gemini</code></pre>
 <pre><code>npx thumbgate init</code></pre>
 <p>One command. Works with Claude Code, Cursor, Codex, Gemini, Amp, and OpenCode. Claude Code can also call Codex for review, adversarial review, and second-pass handoffs through the repo-local bridge plugin.</p>
 <a href="https://thumbgate.ai/checkout/pro?utm_source=guide&utm_medium=cta_button&utm_campaign=pro_pack" class="cta">Get Pro — $19/mo or $149/yr</a>
-<a href="https://buy.stripe.com/00w14neyUcXA5pL5e33sI0e" class="cta cta-secondary">Pay $499 diagnostic</a>
-<a href="https://buy.stripe.com/fZu9AT76saPsg4pbCr3sI0f" class="cta cta-secondary">Pay $1500 sprint</a>
+<a rel="nofollow noopener noreferrer" target="_blank" href="https://buy.stripe.com/00w14neyUcXA5pL5e33sI0e" class="cta cta-secondary">Pay $499 diagnostic</a>
+<a rel="nofollow noopener noreferrer" target="_blank" href="https://buy.stripe.com/fZu9AT76saPsg4pbCr3sI0f" class="cta cta-secondary">Pay $1500 sprint</a>
 <a href="https://thumbgate.ai/#workflow-sprint-intake" class="cta cta-secondary">Send workflow first</a>
 <p style="color:var(--muted); font-size:0.85rem;">Free: unlimited captures, 5 active prevention rules, hook blocking. Pro: dashboard, recall, lesson search, unlimited rules, DPO export. Team: intake first, then $49/seat/mo with a 3-seat minimum.</p>
 

package/public/index.html

@@ -19,7 +19,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <meta property="og:image" content="https://thumbgate-production.up.railway.app/og.png">
 <meta name="twitter:card" content="summary_large_image">
 <meta name="twitter:image" content="https://thumbgate-production.up.railway.app/og.png">
-<meta name="thumbgate-version" content="1.18.0">
+<meta name="thumbgate-version" content="1.20.0">
 <meta name="keywords" content="ThumbGate, thumbgate, AI agent orchestration, AI experience orchestration, agent enforcement layer, save LLM tokens, reduce Claude API cost, reduce OpenAI cost, AI agent token savings, prevent LLM retries, prevent hallucination retries, stop AI token waste, pre-action checks, agent governance, Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode, workflow hardening, context engineering, AI authenticity, brand authenticity AI">
 <link rel="apple-touch-icon" href="/apple-touch-icon.png">
 
@@ -40,6 +40,28 @@ __GA_BOOTSTRAP__
   const workflowSprintPriceDollars = Number('__WORKFLOW_SPRINT_PRICE_DOLLARS__') || 1500;
 </script>
 
+<script type="application/ld+json">
+{
+  "@context": "https://schema.org",
+  "@type": "Organization",
+  "name": "ThumbGate",
+  "alternateName": "thumbgate",
+  "url": "https://thumbgate-production.up.railway.app",
+  "logo": "https://thumbgate-production.up.railway.app/assets/brand/thumbgate-logo-1200x360.png",
+  "description": "ThumbGate ships pre-action gates for AI coding agents. Open-source CLI plus PreToolUse hooks that capture feedback, promote it to memory, generate prevention rules, and block repeated mistakes before the next tool call across Claude Code, Cursor, Codex, Gemini, Amp, Cline, and OpenCode.",
+  "founder": {
+    "@type": "Person",
+    "name": "Igor Ganapolsky",
+    "url": "https://github.com/IgorGanapolsky"
+  },
+  "sameAs": [
+    "https://github.com/IgorGanapolsky/ThumbGate",
+    "https://www.npmjs.com/package/thumbgate",
+    "https://github.com/IgorGanapolsky"
+  ]
+}
+</script>
+
 <script type="application/ld+json">
 {
   "@context": "https://schema.org",
@@ -672,7 +694,8 @@ __GA_BOOTSTRAP__
     <a href="/" class="nav-logo"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
     <div class="nav-links">
       <a href="#how-it-works">How It Works</a>
-      <a href="#pricing">Pricing</a>
+      <a href="/pricing">Pricing</a>
+      <a href="/case-studies">Case Studies</a>
       <a href="/guides/autoresearch-agent-safety">Autoresearch</a>
       <a href="#faq">FAQ</a>
       <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
@@ -710,7 +733,7 @@ __GA_BOOTSTRAP__
         <span class="copy-hint">click to copy</span>
       </div>
       <a href="/go/install?utm_source=website&utm_medium=hero_cta&utm_campaign=install_free&cta_id=hero_install_cli&cta_placement=hero" onclick="event.preventDefault(); navigator.clipboard.writeText('npx thumbgate init'); this.textContent='Copied ✓ — paste in your repo'; setTimeout(()=>{this.textContent='Install Free CLI'},2000); try{posthog.capture('hero_install_click',{cta:'install_cli'})}catch(_){}" class="btn-gpt-page btn-install-hero" title="Click to copy: npx thumbgate init">Install Free CLI</a>
-      <a href="/go/pro?utm_source=website&amp;utm_medium=hero_cta&amp;utm_campaign=pro_upgrade&amp;cta_id=hero_go_pro&amp;cta_placement=hero&amp;plan_id=pro&amp;landing_path=%2F" onclick="try{posthog.capture('hero_pro_click',{cta:'go_pro'})}catch(_){};sendFirstPartyTelemetry('hero_pro_checkout_started',{ctaId:'hero_go_pro',ctaPlacement:'hero',planId:'pro',price:19});sendGa4Event('begin_checkout',{currency:'USD',value:19,items:[{item_id:'pro',item_name:'ThumbGate Pro'}]});" class="btn-pro-page hero-pro">Get Pro — $19/mo</a>
+      <a href="#workflow-sprint-intake" onclick="try{posthog.capture('hero_sprint_click',{cta:'sprint_intake'})}catch(_){};sendFirstPartyTelemetry('hero_sprint_intake_started',{ctaId:'hero_workflow_sprint',ctaPlacement:'hero',offer:'workflow_sprint'});" class="btn-pro-page hero-pro">Talk to me — Workflow Hardening Sprint →</a>
     </div>
 
     <div class="hero-trust-bar">
@@ -720,6 +743,10 @@ __GA_BOOTSTRAP__
       <span>Works with MCP-compatible agents</span>
       <span>Verification evidence in GitHub</span>
     </div>
+    <figure style="max-width:760px;margin:32px auto 0;padding:20px 24px;border-left:3px solid var(--cyan);background:rgba(34,211,238,0.04);border-radius:0 8px 8px 0;">
+      <blockquote style="margin:0;font-size:18px;line-height:1.5;color:var(--text);font-style:italic;">&ldquo;A better dashboard doesn&rsquo;t make the agents more reliable. The hard part isn&rsquo;t visibility. It&rsquo;s trust.&rdquo;</blockquote>
+      <figcaption style="margin-top:12px;font-size:13px;color:var(--text-muted);">— Rob May, CEO &amp; co-founder, Neurometric AI, in <a href="https://thenewstack.io/claude-code-agent-view/" target="_blank" rel="noopener" style="color:var(--cyan);">The New Stack</a> on Anthropic&rsquo;s Claude Code Agent View (May 2026). ThumbGate is the open-source layer that makes the trust part real: PreToolUse gates, thumbs-down to rule, audit trail on every interception.</figcaption>
+    </figure>
     <div class="first-check-card" id="first-check">
       <div class="section-label" style="text-align:left;margin-bottom:8px;">First-Dollar Activation Path</div>
       <h2>Block your first repeated AI mistake in 5 minutes.</h2>
@@ -995,6 +1022,7 @@ __GA_BOOTSTRAP__
     </div>
     <div style="display:flex;gap:12px;justify-content:center;flex-wrap:wrap;margin-top:18px;">
       <a class="btn-team" href="/compare/ai-experience-orchestration">Compare orchestration vs enforcement →</a>
+      <a class="btn-free" href="/guides/ai-deployment-readiness" style="display:inline-flex;align-items:center;">AI deployment readiness →</a>
       <a class="btn-free" href="/use-cases/platform-teams" style="display:inline-flex;align-items:center;">Platform team rollout →</a>
       <a class="btn-free" href="/use-cases/regulated-workflows" style="display:inline-flex;align-items:center;">Regulated workflow pattern →</a>
     </div>
@@ -1021,6 +1049,7 @@ __GA_BOOTSTRAP__
         <a href="/guides/claude-code-skills-guardrails">Claude Code skills</a>
         <a href="/guides/long-running-agent-context-management">Long-running agent context</a>
         <a href="/guides/reasoning-compression-guardrails">Reasoning compression</a>
+        <a href="/guides/ai-deployment-readiness">AI deployment readiness</a>
         <a href="/guides/browser-automation-safety">Browser automation safety</a>
         <a href="/guides/native-messaging-host-security">Native messaging host security</a>
         <a href="/guides/ai-search-topical-presence">AI search topical presence</a>
@@ -1289,6 +1318,11 @@ __GA_BOOTSTRAP__
         </div>
         <span class="team-intake-badge">30-minute intake</span>
       </div>
+      <details style="border:1px solid var(--border);border-radius:14px;padding:18px 22px;background:var(--bg-raised);margin:18px 0;">
+        <summary style="cursor:pointer;font-size:16px;font-weight:600;color:var(--cyan);list-style:none;display:flex;align-items:center;gap:8px;">
+          <span style="display:inline-block;transition:transform 0.15s;">▸</span>
+          Need consulting, a one-off diagnostic, or a hardening sprint? View paid services &amp; kits
+        </summary>
       <div class="team-paid-path" data-sprint-paid-path aria-label="Paid workflow hardening options">
         <div class="team-paid-card">
           <div>
@@ -1327,10 +1361,11 @@ __GA_BOOTSTRAP__
           </div>
           <div>
             <div class="team-paid-price">$97</div>
-            <a class="team-paid-link" href="https://buy.stripe.com/bJe14naiE9Lo7xT49Z3sI12" onclick="sendFirstPartyTelemetry('openclaw_governance_kit_checkout_started',{ctaId:'team_openclaw_governance_kit_checkout',ctaPlacement:'team_paid_path',planId:'digital_kit',offer:'openclaw_agent_governance_kit',price:97});sendGa4Event('begin_checkout',{currency:'USD',value:97,items:[{item_id:'openclaw_agent_governance_kit',item_name:'OpenClaw Agent Governance Kit'}]});">Buy kit</a>
+            <a rel="nofollow noopener noreferrer" target="_blank" class="team-paid-link" href="https://buy.stripe.com/bJe14naiE9Lo7xT49Z3sI12" onclick="sendFirstPartyTelemetry('openclaw_governance_kit_checkout_started',{ctaId:'team_openclaw_governance_kit_checkout',ctaPlacement:'team_paid_path',planId:'digital_kit',offer:'openclaw_agent_governance_kit',price:97});sendGa4Event('begin_checkout',{currency:'USD',value:97,items:[{item_id:'openclaw_agent_governance_kit',item_name:'OpenClaw Agent Governance Kit'}]});">Buy kit</a>
           </div>
         </div>
       </div>
+      </details>
       <div class="team-intake-recovery" aria-label="Checkout recovery path for workflow sprint buyers">
         <div>
           <strong>Not ready to pay from a checkout page?</strong>
@@ -1465,7 +1500,7 @@ __GA_BOOTSTRAP__
       <a href="https://www.linkedin.com/in/igorganapolsky" target="_blank" rel="noopener">LinkedIn</a>
       <a href="/blog">Blog</a>
     </div>
-    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.18.0</span>
+    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.20.0</span>
   </div>
 </footer>
 
@@ -1811,6 +1846,27 @@ async function handleProCheckout() {
   }
   globalThis.location.assign(checkoutUrl);
 }
+
+// Conversion-path safety: /services redirects to /#workflow-sprint-intake.
+// Modern browsers auto-open a <details> containing the hash target, but
+// older Safari/Firefox/Chrome (<2020) do not. Force-open any ancestor
+// <details> of the hash target so high-intent buyers always see the
+// paid intake content on arrival.
+function openDetailsForHash() {
+  var hash = globalThis.location.hash;
+  if (!hash || hash.length < 2) return;
+  var target;
+  try { target = document.querySelector(hash); } catch (_) { return; }
+  if (!target) return;
+  var el = target;
+  while (el && el !== document.body) {
+    if (el.tagName === 'DETAILS') { el.open = true; }
+    el = el.parentElement;
+  }
+  target.scrollIntoView({ behavior: 'auto', block: 'start' });
+}
+globalThis.addEventListener('DOMContentLoaded', openDetailsForHash);
+globalThis.addEventListener('hashchange', openDetailsForHash);
 </script>
 </body>
 </html>

package/public/learn.html

@@ -73,6 +73,12 @@
       {
         "@type": "ListItem",
         "position": 6,
+        "url": "https://thumbgate.ai/learn/from-prototype-to-production",
+        "name": "From git init to v1.17.0 in 70 days: an honest ThumbGate build log"
+      },
+      {
+        "@type": "ListItem",
+        "position": 7,
         "url": "https://thumbgate.ai/guides/stop-repeated-ai-agent-mistakes",
         "name": "How to Stop AI Coding Agents From Repeating Mistakes"
       },
@@ -123,6 +129,12 @@
         "position": 14,
         "url": "https://thumbgate.ai/guides/relational-knowledge-ai-recommendations",
         "name": "Relational Knowledge in AI Recommendations"
+      },
+      {
+        "@type": "ListItem",
+        "position": 15,
+        "url": "https://thumbgate.ai/guides/ai-deployment-readiness",
+        "name": "AI Deployment Readiness Before Production Rollout"
       }
     ]
   }
@@ -254,6 +266,13 @@
       <span class="article-tag">PreToolUse</span>
       <span class="article-tag">Technical</span>
     </a>
+    <a href="/learn/ai-agent-governance" class="article-card">
+      <h3>AI Agent Governance — The Four Layers Pattern</h3>
+      <p>AI agent governance has four layers: prompt rules, decorator wrappers, pre-action hooks, sandbox isolation. Each catches a different failure mode. Pick the layer that matches your stack — and understand why prompt rules alone fail.</p>
+      <span class="article-tag">Governance</span>
+      <span class="article-tag">Architecture</span>
+      <span class="article-tag">Pattern</span>
+    </a>
     <a href="/learn/agent-harness-pattern" class="article-card">
       <h3>The Agent Harness Pattern: Why Your AI Needs a Seatbelt</h3>
       <p>Tsinghua researchers formalized agent harnesses as first-class objects with contracts, verification checks, and durable state. ThumbGate implements this pattern in production today.</p>
@@ -262,6 +281,14 @@
       <span class="article-tag">NLAH</span>
     </a>
 
+    <a href="/learn/agent-swarms-shared-gates" class="article-card">
+      <h3>Agent Swarms: One Gate Layer, Every Model</h3>
+      <p>A 5-agent swarm without shared memory pays 5&times; the tokens on every repeated mistake. Here is how a single MCP gate layer makes Opus, GPT, and Gemini fail the same way only once.</p>
+      <span class="article-tag">Agent Swarms</span>
+      <span class="article-tag">Multi-Agent</span>
+      <span class="article-tag">Shared Memory</span>
+    </a>
+
     <a href="/learn/ai-agent-persistent-memory" class="article-card">
       <h3>How to Give Your AI Coding Agent Persistent Memory Across Sessions</h3>
       <p>Your agent forgets everything when the session ends. Here is how to give Claude Code, Cursor, Codex, and Gemini memory that survives restarts — without retraining.</p>
@@ -269,11 +296,27 @@
       <span class="article-tag">SQLite+FTS5</span>
       <span class="article-tag">Session Persistence</span>
     </a>
+
+    <a href="/learn/from-prototype-to-production" class="article-card">
+      <h3>From git init to v1.17.0 in 70 days: an honest ThumbGate build log</h3>
+      <p>70 days, 112 commits, 17 minor releases, 6k npm downloads, $0 cold-traffic revenue. The unedited story of taking ThumbGate from a one-line repo init to live production — including the part that's still broken.</p>
+      <span class="article-tag">Build Log</span>
+      <span class="article-tag">Indie SaaS</span>
+      <span class="article-tag">Shipping in Public</span>
+    </a>
   </div>
 
   <h2>Popular buyer questions</h2>
   <p class="section-intro">These are the high-intent guides for buyers who already know the pain and want to understand where ThumbGate fits fast.</p>
   <div class="article-grid">
+    <a href="/guides/ai-deployment-readiness" class="article-card">
+      <h3>AI Deployment Readiness Before Production Rollout</h3>
+      <p>Use one priority workflow to map tools, data, controls, pre-action gates, and proof before an AI deployment team ships into production.</p>
+      <span class="article-tag">Deployment</span>
+      <span class="article-tag">Readiness</span>
+      <span class="article-tag">Sprint</span>
+    </a>
+
     <a href="/guides/ai-search-topical-presence" class="article-card">
       <h3>AI Search Topical Presence</h3>
       <p>Why AI assistants recommend the tools they repeatedly see tied to a buyer problem, and how ThumbGate builds that association with proof-backed pages.</p>