thumbgate 1.19.0 → 1.21.0

package/public/index.html

@@ -19,7 +19,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <meta property="og:image" content="https://thumbgate-production.up.railway.app/og.png">
 <meta name="twitter:card" content="summary_large_image">
 <meta name="twitter:image" content="https://thumbgate-production.up.railway.app/og.png">
-<meta name="thumbgate-version" content="1.19.0">
+<meta name="thumbgate-version" content="1.21.0">
 <meta name="keywords" content="ThumbGate, thumbgate, AI agent orchestration, AI experience orchestration, agent enforcement layer, save LLM tokens, reduce Claude API cost, reduce OpenAI cost, AI agent token savings, prevent LLM retries, prevent hallucination retries, stop AI token waste, pre-action checks, agent governance, Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode, workflow hardening, context engineering, AI authenticity, brand authenticity AI">
 <link rel="apple-touch-icon" href="/apple-touch-icon.png">
 
@@ -33,11 +33,7 @@ __GA_BOOTSTRAP__
   const serverSessionId = '__SERVER_SESSION_ID__';
   const serverAcquisitionId = '__SERVER_ACQUISITION_ID__';
   const serverTelemetryCaptured = '__SERVER_TELEMETRY_CAPTURED__' === 'true';
-  const sprintDiagnosticCheckoutUrl = '__SPRINT_DIAGNOSTIC_CHECKOUT_URL__';
-  const workflowSprintCheckoutUrl = '__WORKFLOW_SPRINT_CHECKOUT_URL__';
   const proPriceDollars = Number('__PRO_PRICE_DOLLARS__') || 19;
-  const sprintDiagnosticPriceDollars = Number('__SPRINT_DIAGNOSTIC_PRICE_DOLLARS__') || 499;
-  const workflowSprintPriceDollars = Number('__WORKFLOW_SPRINT_PRICE_DOLLARS__') || 1500;
 </script>
 
 <script type="application/ld+json">
@@ -95,7 +91,7 @@ __GA_BOOTSTRAP__
     "Docker Sandboxes routing — move high-risk local runs into isolated microVM-backed execution",
     "Hosted sandbox dispatch — signed isolated lane for team automations",
     "Domain Skill Packs — Stripe, Railway, database migration best practices",
-    "Progressive Disclosure — 82% token savings with 3-tier L1/L2/L3 loading",
+    "Progressive Disclosure — 3-tier L1/L2/L3 loading cuts skill-pack token cost per the disclosureSavings metric in scripts/skill-packs.js",
     "Hallucination Detection — decomposes claims into verifiable sub-claims",
     "PII Scanner — blocks emails, credit cards, SSNs in feedback and exports",
     "Background Agent Governance — per-agent pass rates, CI auto-feedback",
@@ -575,14 +571,6 @@ __GA_BOOTSTRAP__
   .team-intake-panel h3 { margin: 0 0 6px; font-size: 18px; color: var(--text); }
   .team-intake-panel p { margin: 0; color: var(--text-dim); font-size: 13px; line-height: 1.55; }
   .team-intake-badge { flex-shrink: 0; padding: 6px 10px; border: 1px solid rgba(74,222,128,0.35); border-radius: 999px; color: var(--green); font-size: 11px; font-weight: 700; text-transform: uppercase; letter-spacing: 0.06em; }
-  .team-paid-path { display: none; grid-template-columns: repeat(2, minmax(0, 1fr)); gap: 12px; margin: 0 0 16px; }
-  .team-paid-path.visible { display: grid; }
-  .team-paid-card { display: flex; flex-direction: column; justify-content: space-between; gap: 12px; min-height: 150px; padding: 16px; border: 1px solid rgba(74,222,128,0.22); border-radius: 10px; background: rgba(0,0,0,0.24); }
-  .team-paid-card h4 { margin: 0 0 6px; color: var(--text); font-size: 15px; }
-  .team-paid-card p { margin: 0; color: var(--text-dim); font-size: 12px; line-height: 1.5; }
-  .team-paid-price { color: var(--green); font-weight: 800; font-size: 18px; }
-  .team-paid-link { display: block; text-align: center; padding: 10px 12px; background: rgba(74,222,128,0.16); color: var(--green); border: 1px solid rgba(74,222,128,0.45); border-radius: 8px; text-decoration: none; font-size: 13px; font-weight: 700; }
-  .team-paid-link:hover { border-color: var(--green); transform: translateY(-1px); }
   .team-intake-recovery { margin: 0 0 16px; padding: 13px 14px; border: 1px solid rgba(34,211,238,0.28); border-radius: 12px; background: rgba(34,211,238,0.08); display: flex; align-items: center; justify-content: space-between; gap: 14px; text-align: left; }
   .team-intake-recovery strong { display: block; color: var(--text); font-size: 13px; margin-bottom: 2px; }
   .team-intake-recovery span { display: block; color: var(--text-dim); font-size: 12px; line-height: 1.45; }
@@ -660,7 +648,6 @@ __GA_BOOTSTRAP__
     .pricing-grid { grid-template-columns: 1fr; }
     .team-intake-panel-head { display: block; }
     .team-intake-badge { display: inline-block; margin-bottom: 10px; }
-    .team-paid-path { grid-template-columns: 1fr; }
     .team-intake-recovery { align-items: stretch; flex-direction: column; text-align: center; }
     .team-intake-recovery a { width: 100%; }
     .team-form { grid-template-columns: 1fr; }
@@ -716,9 +703,9 @@ __GA_BOOTSTRAP__
 <!-- HERO -->
 <section class="hero">
   <div class="container">
-    <div class="hero-badge">👍 👎 Pre-action gates for AI coding agents</div>
-    <h1>Stop paying for the same AI mistake twice.</h1>
-    <p class="hero-lede">ThumbGate turns a single thumbs-down into a rule that blocks the next repeat before Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, or OpenCode runs the tool call.</p>
+    <div class="hero-badge">👍 👎 The Firewall for AI Agents</div>
+    <h1>The Infrastructure Firewall for AI Coding Agents.</h1>
+    <p class="hero-lede">AI will always hallucinate and break things. We don't try to make AI smarter; we make its mistakes harmless. ThumbGate keeps the Senior Architect in control by blocking dangerous tool calls before they hit the disk.</p>
 
     <div class="hero-proof-card" aria-label="ThumbGate blocking example">
       <div class="terminal-row muted">$ agent attempts risky action</div>
@@ -734,6 +721,7 @@ __GA_BOOTSTRAP__
       </div>
       <a href="/go/install?utm_source=website&utm_medium=hero_cta&utm_campaign=install_free&cta_id=hero_install_cli&cta_placement=hero" onclick="event.preventDefault(); navigator.clipboard.writeText('npx thumbgate init'); this.textContent='Copied ✓ — paste in your repo'; setTimeout(()=>{this.textContent='Install Free CLI'},2000); try{posthog.capture('hero_install_click',{cta:'install_cli'})}catch(_){}" class="btn-gpt-page btn-install-hero" title="Click to copy: npx thumbgate init">Install Free CLI</a>
       <a href="#workflow-sprint-intake" onclick="try{posthog.capture('hero_sprint_click',{cta:'sprint_intake'})}catch(_){};sendFirstPartyTelemetry('hero_sprint_intake_started',{ctaId:'hero_workflow_sprint',ctaPlacement:'hero',offer:'workflow_sprint'});" class="btn-pro-page hero-pro">Talk to me — Workflow Hardening Sprint →</a>
+      <a href="#demo" onclick="try{posthog.capture('hero_demo_click',{cta:'watch_demo'})}catch(_){};sendFirstPartyTelemetry('hero_demo_clicked',{ctaId:'hero_watch_demo',ctaPlacement:'hero'});" class="btn-free" style="font-size:15px;padding:14px 22px;">▶ Watch the 90-second demo</a>
     </div>
 
     <div class="hero-trust-bar">
@@ -784,7 +772,7 @@ __GA_BOOTSTRAP__
       <a class="signal-pill signal-up">Thumbs-down once, blocked forever</a>
       <a class="signal-pill signal-down">Block repeat hallucinations before the model sees them</a>
       <p class="hero-persona">For consultancies, platform teams, and AI product teams that want workflow governance, CLI-first rollout, and a reliable operator.</p>
-      <p>Have one AI-agent failure that keeps repeating? Start with one real workflow, one repeated failure pattern, enforceable pre-action gates, and a short audit note your team can keep.</p>
+      <p>Have one AI-agent failure that keeps repeating? Start with one real workflow, one repeated failure pattern, enforceable pre-action gates, and a short audit trail your team can keep.</p>
       <p>Prove one blocked repeat before asking anyone to buy. Give <code>thumbs up</code> when the agent follows your standards, <code>thumbs down</code> when it misses. Upgrade after one real blocked repeat.</p>
       <p>Workflow governance for isolated execution: ThumbGate pairs policy checks with Docker Sandboxes, signed hosted sandbox dispatch, Changeset evidence, and exact main-branch merge commit verification before release claims ship.</p>
       <!--
@@ -795,9 +783,9 @@ __GA_BOOTSTRAP__
         update the test assertions in the same PR.
       -->
       <div hidden aria-hidden="true" data-thumbgate-test-anchors style="display:none">
-        <span data-cta="hero_workflow_sprint_diagnostic_checkout">ctaId: 'hero_workflow_sprint_diagnostic_checkout' ctaId: 'hero_workflow_sprint_recovery_intake' workflow_sprint_checkout_started workflow_sprint_recovery_intake_clicked hero_workflow_sprint_recovery_intake</span>
+        <span data-cta="hero_workflow_sprint_intake">ctaId: 'hero_workflow_sprint' ctaId: 'hero_workflow_sprint_recovery_intake' workflow_sprint_intake_started workflow_sprint_recovery_intake_clicked hero_workflow_sprint_recovery_intake</span>
         <span data-anchor="dashboard-preview">dashboard-preview What your Pro dashboard looks like check:no-force-push</span>
-        <span data-anchor="team-intake-form">Start Team Pilot Intake id="team-pilot-intake-form" data-team-intake-form name="ctaPlacement" value="team_visible_intake" name="utmMedium" value="visible_team_intake" name="planId" value="team" name="ctaId" value="workflow_sprint_intake" Not ready to pay from a checkout page? team_workflow_sprint_recovery_intake checkout_abandon workflow_sprint_intake_started workflow_sprint_intake_submit_attempted</span>
+        <span data-anchor="team-intake-form">Start Team Pilot Intake id="team-pilot-intake-form" data-team-intake-form name="ctaPlacement" value="team_visible_intake" name="utmMedium" value="visible_team_intake" name="planId" value="team" name="ctaId" value="workflow_sprint_intake" Team checkout happens after scope. team_workflow_sprint_recovery_intake scope_first workflow_sprint_intake_started workflow_sprint_intake_submit_attempted pricing_team_intake team_intake_started</span>
         <span data-anchor="chatgpt-context">No, you do not have to chat inside the GPT forever. ChatGPT is the discovery and memory surface. Do not rely on ChatGPT's native rating buttons for ThumbGate memory. Explore GPTs choose the GPT by Igor Ganapolsky Programming Do I have to chat inside the ThumbGate GPT for enforcement? capture thumbs-up/down lessons Real blocking for coding agents still runs locally adapters/chatgpt/INSTALL.md Native ChatGPT rating buttons are not the ThumbGate capture path. thumbs up: this review named exact files, commands, and tests. thumbs down: the answer ignored my request.</span>
       </div>
     </div>
@@ -963,7 +951,8 @@ __GA_BOOTSTRAP__
   </div>
 </section>
 
-<section class="compatibility" id="social-proof">
+<section class="compatibility" id="demo">
+  <a id="social-proof" aria-hidden="true"></a>
   <div class="container">
     <div class="section-label">See It In Action</div>
     <h2 class="section-title">See the enforcement before you buy anything</h2>
@@ -1025,6 +1014,7 @@ __GA_BOOTSTRAP__
       <a class="btn-free" href="/guides/ai-deployment-readiness" style="display:inline-flex;align-items:center;">AI deployment readiness →</a>
       <a class="btn-free" href="/use-cases/platform-teams" style="display:inline-flex;align-items:center;">Platform team rollout →</a>
       <a class="btn-free" href="/use-cases/regulated-workflows" style="display:inline-flex;align-items:center;">Regulated workflow pattern →</a>
+      <a class="btn-free" href="/agent-manager" style="display:inline-flex;align-items:center;">Built for the Agent Manager →</a>
     </div>
   </div>
 </section>
@@ -1090,6 +1080,28 @@ __GA_BOOTSTRAP__
   </div>
 </section>
 
+<section class="compatibility" id="persistent-skills">
+  <div class="container">
+    <div class="section-label">Persistent Agent Skills</div>
+    <h2 class="section-title">Reusable instructions are the new baseline. Enforcement is the moat.</h2>
+    <p style="text-align:center;font-size:16px;color:var(--text-muted);max-width:880px;margin:0 auto 28px;line-height:1.7;">Grok-style skills are training users to expect persistent expertise across every surface. ThumbGate turns that expectation into a governed reliability layer: capture the correction once, export it as a portable skill or lesson bundle, then prove the next risky tool call was blocked before it ran.</p>
+    <div class="agent-grid">
+      <div class="agent-card">
+        <h3>Portable skill memory</h3>
+        <p>Thumbs-up/down lessons become reusable rules and skill-pack context that can move across Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode, and MCP-compatible agents.</p>
+      </div>
+      <div class="agent-card">
+        <h3>Instructions plus teeth</h3>
+        <p>Persistent skills tell an agent what you prefer. ThumbGate checks whether the next action follows those preferences and blocks high-risk repeats before execution.</p>
+      </div>
+      <div class="agent-card">
+        <h3>Proof for teams</h3>
+        <p>Every fired rule carries the source lesson, decision trace, and audit evidence, so teams can review which skill worked instead of trusting a hidden chatbot memory.</p>
+      </div>
+    </div>
+  </div>
+</section>
+
 <!-- HOW IT WORKS -->
 <section class="how-it-works" id="how-it-works">
   <div class="container">
@@ -1262,7 +1274,7 @@ __GA_BOOTSTRAP__
       <div class="price-card pro" data-price-dollars="19">
         <div class="tier">Pro</div>
         <div class="price">$19<span style="font-size:16px;color:var(--text-dim)">/mo</span></div>
-        <div class="price-sub">Stop paying tokens to re-correct the same agent mistake across sessions.</div>
+        <div class="price-sub"><strong>The free npm package runs your gates locally and never expires.</strong> Pro is what we operate for you: hosted lesson sync across all your machines, adapter matrix kept current as agent runtimes ship breaking changes, and a dashboard you don't have to babysit.</div>
         <ul>
           <li><strong>Block every repeat mistake</strong> — unlimited feedback captures and prevention rules (Free caps at 5 active rules)</li>
           <li><strong>Never re-explain a correction</strong> — lesson recall and search across sessions on every agent surface</li>
@@ -1296,12 +1308,36 @@ __GA_BOOTSTRAP__
           <li>Workflow hardening sprint intake for approval boundaries and rollback safety</li>
           <li>Email support during pilot rollout</li>
         </ul>
-        <a href="/checkout/pro?plan_id=team&amp;seat_count=3&amp;confirm=1&amp;utm_source=website&amp;utm_medium=pricing&amp;utm_campaign=team_self_serve&amp;cta_id=pricing_team_self_serve&amp;cta_placement=pricing&amp;landing_path=%2F" onclick="try{posthog.capture('team_self_serve_click',{cta:'team_self_serve',seats:3,price:147})}catch(_){};sendFirstPartyTelemetry('team_self_serve_checkout_started',{ctaId:'pricing_team_self_serve',ctaPlacement:'pricing',planId:'team',seatCount:3,price:147});sendGa4Event('begin_checkout',{currency:'USD',value:147,items:[{item_id:'team_monthly',item_name:'ThumbGate Team (3 seats)',quantity:3}]});" class="btn-team" style="display:block;text-align:center;">Start 3-seat Team — $147/mo</a>
-        <a href="#workflow-sprint-intake" style="display:block;text-align:center;margin-top:8px;font-size:13px;color:var(--text-dim);text-decoration:none;">Or qualify first via Workflow Hardening Sprint intake →</a>
-        <p style="font-size:11px;color:var(--text-muted);margin-top:8px;text-align:center;">Team is $49/seat/mo with a 3-seat minimum. Self-serve checkout starts you at $147/mo for 3 seats; add more seats from the dashboard. Prefer to qualify the workflow before paying? Start with the intake.</p>
+        <a href="#workflow-sprint-intake" onclick="try{posthog.capture('team_intake_click',{cta:'team_intake',seats:3,price:0})}catch(_){};sendFirstPartyTelemetry('team_intake_started',{ctaId:'pricing_team_intake',ctaPlacement:'pricing',planId:'team',seatCount:3,price:0});sendGa4Event('generate_lead',{currency:'USD',value:0,method:'team_workflow_intake'});" class="btn-team" style="display:block;text-align:center;">Send team workflow first →</a>
+        <p style="font-size:11px;color:var(--text-muted);margin-top:8px;text-align:center;">Team is $49/seat/mo with a 3-seat minimum, but team rollouts start through intake so the workflow, shared rules, and rollout proof are explicit before checkout.</p>
+      </div>
+    </div>
+    <div style="max-width:1080px;margin:24px auto 0;">
+      <div class="price-card regulated" style="border:1px solid var(--cyan);background:linear-gradient(180deg, rgba(34,211,238,0.04), transparent);padding:24px 28px;">
+        <div style="display:flex;flex-wrap:wrap;align-items:flex-start;gap:24px;justify-content:space-between;">
+          <div style="flex:1 1 420px;min-width:280px;">
+            <div class="tier" style="color:var(--cyan);">Regulated</div>
+            <div style="font-size:14px;color:var(--text-muted);margin:4px 0 12px;letter-spacing:0.04em;text-transform:uppercase;">Banking · Insurance · Healthcare · Public sector</div>
+            <div style="font-size:18px;color:var(--text);margin-bottom:6px;font-weight:700;">Regulated workflow review</div>
+            <div class="price-sub" style="margin-bottom:14px;">For teams operating AI coding agents under DORA, the EU AI Act, HIPAA, or comparable audit pressure. Pricing is scoped after intake because the buyer needs evidence, deployment boundaries, and approval ownership before checkout.</div>
+            <ul style="margin-bottom:0;">
+              <li><strong>Audit-grade decision trail</strong> — every PreToolUse evaluation logged with the rule that fired, ready for SIEM export</li>
+              <li><strong>Immutable rule provenance</strong> — each prevention rule traceable to the feedback event that generated it</li>
+              <li><strong>Self-managed deployment</strong> — air-gapped or VPC-hosted; no agent state leaves your boundary</li>
+              <li><strong>DORA / EU AI Act evidence packaging</strong> — machine-readable reports aligned to Article 6, 28, and high-risk provider monitoring obligations</li>
+              <li><strong>SSO + role separation</strong> — operator, reviewer, and auditor roles enforced at the gate layer</li>
+              <li><strong>Workflow proof plan included</strong> — a scoped review that proves the boundary against one of your real repeated-failure cases before broader rollout</li>
+              <li><strong>Quarterly red-team review</strong> — prompt-injection and policy-bypass exercises with written findings</li>
+            </ul>
+          </div>
+          <div style="flex:0 0 260px;min-width:240px;display:flex;flex-direction:column;gap:10px;">
+            <a href="/?tier=regulated#workflow-sprint-intake" onclick="try{posthog.capture('regulated_intake_click',{cta:'regulated_contact_sales',placement:'pricing'})}catch(_){};sendFirstPartyTelemetry('regulated_intake_started',{ctaId:'pricing_regulated_intake',ctaPlacement:'pricing',planId:'regulated'});" class="btn-team" style="display:block;text-align:center;background:var(--cyan);color:#06121a;font-weight:800;">Start regulated intake →</a>
+            <a href="/learn/regulated-agent-execution-boundary" style="display:block;text-align:center;padding:10px 14px;font-size:13px;color:var(--cyan);border:1px solid var(--cyan);border-radius:8px;text-decoration:none;">Read the build-vs-buy thesis first</a>
+            <p style="font-size:11px;color:var(--text-muted);margin:0;text-align:center;line-height:1.5;">Pricing is workflow-scoped and shared after the intake call. Annual pre-pay available.</p>
+          </div>
+        </div>
       </div>
     </div>
-    <p style="text-align:center;color:var(--text-muted);font-size:13px;margin:40px 0;">Need a custom diagnostic, sprint, or setup? <a href="#workflow-sprint-intake" style="color:var(--cyan);text-decoration:none;">Send workflow first →</a></p>
   </div>
 </section>
 
@@ -1314,58 +1350,16 @@ __GA_BOOTSTRAP__
       <div class="team-intake-panel-head">
         <div>
           <h3>Tell us the workflow. Get a proof plan.</h3>
-          <p>The highest-fit Team buyer is already feeling one repeated failure. Start with a paid diagnostic when budget is ready, or use intake when you need qualification first.</p>
+          <p>The highest-fit Team buyer is already feeling one repeated failure. Send the workflow first so the next step is scoped around the real blocker instead of a blind checkout.</p>
         </div>
         <span class="team-intake-badge">30-minute intake</span>
       </div>
-      <div class="team-paid-path" data-sprint-paid-path aria-label="Paid workflow hardening options">
-        <div class="team-paid-card">
-          <div>
-            <h4>Workflow Hardening Diagnostic</h4>
-            <p>Paid triage for one repeated agent or review failure, with a concrete proof plan and go/no-go recommendation.</p>
-          </div>
-          <div>
-            <div class="team-paid-price">$<span data-sprint-diagnostic-price>499</span></div>
-            <a class="team-paid-link" data-sprint-diagnostic-link href="__SPRINT_DIAGNOSTIC_CHECKOUT_URL__">Pay for diagnostic</a>
-          </div>
-        </div>
-        <div class="team-paid-card">
-          <div>
-            <h4>AI Agent Governance Sprint</h4>
-            <p>48-hour Workflow Hardening Sprint for one workflow owner, one blocker, approval boundaries, rollback safety, one proof review, and one hardened rollout path.</p>
-          </div>
-          <div>
-            <div class="team-paid-price">$<span data-workflow-sprint-price>1500</span></div>
-            <a class="team-paid-link" data-workflow-sprint-link href="__WORKFLOW_SPRINT_CHECKOUT_URL__">Pay for sprint</a>
-          </div>
-        </div>
-        <div class="team-paid-card">
-          <div>
-            <h4>Reliable AI Agent Governance Setup</h4>
-            <p>Full ThumbGate-powered setup for Claude Code, Cursor, or Codex teams: npx install, custom prevention rules, audit trail, training, and proof reports. Optional ongoing rule management is $297/mo.</p>
-          </div>
-          <div>
-            <div class="team-paid-price">$3,997</div>
-            <a class="team-paid-link" href="#team-pilot-intake-form" onclick="sendFirstPartyTelemetry('governance_setup_intake_clicked',{ctaId:'team_governance_setup_intake',ctaPlacement:'team_paid_path',planId:'team',offer:'reliable_ai_agent_governance_setup',price:3997});sendGa4Event('generate_lead',{currency:'USD',value:3997,method:'governance_setup_intake'});">Request setup</a>
-          </div>
-        </div>
-        <div class="team-paid-card">
-          <div>
-            <h4>OpenClaw Agent Governance Kit</h4>
-            <p>Self-serve digital kit with ThumbGate prevention rules, OpenClaw-compatible workflow prompts, agent registry checklist, proof report template, and Zernio launch copy.</p>
-          </div>
-          <div>
-            <div class="team-paid-price">$97</div>
-            <a rel="nofollow noopener noreferrer" target="_blank" class="team-paid-link" href="https://buy.stripe.com/bJe14naiE9Lo7xT49Z3sI12" onclick="sendFirstPartyTelemetry('openclaw_governance_kit_checkout_started',{ctaId:'team_openclaw_governance_kit_checkout',ctaPlacement:'team_paid_path',planId:'digital_kit',offer:'openclaw_agent_governance_kit',price:97});sendGa4Event('begin_checkout',{currency:'USD',value:97,items:[{item_id:'openclaw_agent_governance_kit',item_name:'OpenClaw Agent Governance Kit'}]});">Buy kit</a>
-          </div>
-        </div>
-      </div>
       <div class="team-intake-recovery" aria-label="Checkout recovery path for workflow sprint buyers">
         <div>
-          <strong>Not ready to pay from a checkout page?</strong>
-          <span>Send the workflow first. We can qualify the blocker, confirm the proof plan, and route you to the $499 diagnostic, $1500 sprint, or $3,997 governance setup only when the scope is real.</span>
+          <strong>Team checkout happens after scope.</strong>
+          <span>Send the workflow first. We will qualify the blocker, confirm whether Pro, Team, or a scoped rollout is the right next step, and keep the purchase path tied to real evidence.</span>
         </div>
-        <a href="#team-pilot-intake-form" onclick="sendFirstPartyTelemetry('workflow_sprint_recovery_intake_clicked',{ctaId:'team_workflow_sprint_recovery_intake',ctaPlacement:'team_paid_path_recovery',planId:'team',offer:'workflow_hardening_sprint',reason:'checkout_abandon'});sendGa4Event('generate_lead',{currency:'USD',value:0,method:'workflow_sprint_recovery_intake'});">Send workflow first</a>
+        <a href="#team-pilot-intake-form" onclick="sendFirstPartyTelemetry('workflow_sprint_recovery_intake_clicked',{ctaId:'team_workflow_sprint_recovery_intake',ctaPlacement:'team_intake_recovery',planId:'team',offer:'workflow_hardening_sprint',reason:'scope_first'});sendGa4Event('generate_lead',{currency:'USD',value:0,method:'workflow_sprint_recovery_intake'});">Send workflow first</a>
       </div>
       <form id="team-pilot-intake-form" class="team-form" action="/v1/intake/workflow-sprint" method="POST" data-team-intake-form>
         <input type="hidden" name="ctaId" value="workflow_sprint_intake">
@@ -1404,6 +1398,10 @@ __GA_BOOTSTRAP__
         <div class="faq-q" role="button" tabindex="0" aria-expanded="false" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)">How is ThumbGate different from model-training feedback loops?</div>
         <div class="faq-a">ThumbGate's intelligence is context, not weights. It doesn't touch the model — it injects past feedback into context so your agent is conditioned by your corrections. Think of it as a behavioral immune system, not a training pipeline. The check blocks are hard enforcement, not soft suggestions.</div>
       </div>
+      <div class="faq-item">
+        <div class="faq-q" role="button" tabindex="0" aria-expanded="false" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)">How is ThumbGate different from persistent agent skills?</div>
+        <div class="faq-a">Persistent agent skills are reusable instructions. ThumbGate uses the same market shift but adds the missing enforcement loop: lessons become portable skill context, Pre-Action Checks block repeated failures before tool execution, and the dashboard shows evidence for which rule fired and why.</div>
+      </div>
       <div class="faq-item">
         <div class="faq-q" role="button" tabindex="0" aria-expanded="false" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)">What's the tech stack?</div>
         <div class="faq-a">SQLite+FTS5 lesson DB for fast full-text search. MemAlign-inspired dual recall (principle-based rules + episodic context). Thompson Sampling for adaptive check sensitivity per failure domain. LanceDB + Apache Arrow for local vector search with Hugging Face embeddings. ContextFS for context assembly. Bayesian belief updates on each memory. PreToolUse hook enforcement blocks known-bad actions before execution. All local-first — no cloud required.</div>
@@ -1494,7 +1492,7 @@ __GA_BOOTSTRAP__
       <a href="https://www.linkedin.com/in/igorganapolsky" target="_blank" rel="noopener">LinkedIn</a>
       <a href="/blog">Blog</a>
     </div>
-    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.19.0</span>
+    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.21.0</span>
   </div>
 </footer>
 
@@ -1584,55 +1582,6 @@ function sendGa4Event(eventName, params) {
   globalThis.gtag('event', eventName, params || {});
 }
 
-function initializePaidSprintPath() {
-  var panel = document.querySelector('[data-sprint-paid-path]');
-  if (!panel) return;
-  var diagnosticLink = document.querySelector('[data-sprint-diagnostic-link]');
-  var sprintLink = document.querySelector('[data-workflow-sprint-link]');
-  var diagnosticPrice = document.querySelector('[data-sprint-diagnostic-price]');
-  var sprintPrice = document.querySelector('[data-workflow-sprint-price]');
-  if (diagnosticPrice) diagnosticPrice.textContent = String(sprintDiagnosticPriceDollars);
-  if (sprintPrice) sprintPrice.textContent = String(workflowSprintPriceDollars);
-  var hasDiagnosticUrl = /^https?:\/\//.test(sprintDiagnosticCheckoutUrl);
-  var hasSprintUrl = /^https?:\/\//.test(workflowSprintCheckoutUrl);
-  if (!hasDiagnosticUrl && !hasSprintUrl) return;
-  panel.classList.add('visible');
-  if (hasDiagnosticUrl && diagnosticLink) {
-    diagnosticLink.href = sprintDiagnosticCheckoutUrl;
-    diagnosticLink.addEventListener('click', function() {
-      sendFirstPartyTelemetry('workflow_sprint_diagnostic_checkout_started', {
-        ctaId: 'workflow_sprint_diagnostic_checkout',
-        ctaPlacement: 'team_paid_path',
-        planId: 'team',
-        offer: 'workflow_hardening_diagnostic',
-        price: sprintDiagnosticPriceDollars,
-      });
-      sendGa4Event('begin_checkout', {
-        currency: 'USD',
-        value: sprintDiagnosticPriceDollars,
-        items: [{ item_id: 'workflow_hardening_diagnostic', item_name: 'Workflow Hardening Diagnostic' }],
-      });
-    });
-  }
-  if (hasSprintUrl && sprintLink) {
-    sprintLink.href = workflowSprintCheckoutUrl;
-    sprintLink.addEventListener('click', function() {
-      sendFirstPartyTelemetry('workflow_sprint_checkout_started', {
-        ctaId: 'workflow_sprint_checkout',
-        ctaPlacement: 'team_paid_path',
-        planId: 'team',
-        offer: 'workflow_hardening_sprint',
-        price: workflowSprintPriceDollars,
-      });
-      sendGa4Event('begin_checkout', {
-        currency: 'USD',
-        value: workflowSprintPriceDollars,
-        items: [{ item_id: 'workflow_hardening_sprint', item_name: 'Workflow Hardening Sprint' }],
-      });
-    });
-  }
-}
-
 function initializeTeamIntakeTelemetry() {
   document.querySelectorAll('[data-team-intake-form]').forEach(function(form) {
     var started = false;
@@ -1657,7 +1606,7 @@ function initializeTeamIntakeTelemetry() {
       });
       sendGa4Event('generate_lead', {
         currency: 'USD',
-        value: workflowSprintPriceDollars,
+        value: 0,
         method: 'workflow_sprint_intake',
       });
     });
@@ -1797,8 +1746,7 @@ function copyInstall(el) {
       { selector: '#pro-checkout-link', ctaId: 'pricing_pro_checkout', ctaPlacement: 'pricing', planId: 'pro' },
       { selector: '.price-card.pro .btn-pro', ctaId: 'pricing_pro_monthly', ctaPlacement: 'pricing', planId: 'pro' },
       { selector: '.hero-actions .btn-pro-page', ctaId: 'hero_workflow_intake', ctaPlacement: 'hero', planId: 'team' },
-      { selector: '.hero-paid-actions .diagnostic', ctaId: 'hero_workflow_sprint_diagnostic_checkout', ctaPlacement: 'hero_paid_path', planId: 'team' },
-      { selector: '.hero-paid-actions .intake', ctaId: 'hero_workflow_sprint_recovery_intake', ctaPlacement: 'hero_paid_path', planId: 'team' },
+      { selector: '.hero-actions .hero-pro', ctaId: 'hero_workflow_sprint_recovery_intake', ctaPlacement: 'hero', planId: 'team' },
       { selector: '.sticky-cta .btn-pro', ctaId: 'sticky_go_pro', ctaPlacement: 'sticky_cta', planId: 'pro' },
       { selector: '.price-card.team .btn-team', ctaId: 'team_workflow_sprint', ctaPlacement: 'pricing', planId: 'team' },
       { selector: '#team-pilot-intake-form', ctaId: 'workflow_sprint_intake', ctaPlacement: 'team_visible_intake', planId: 'team' }
@@ -1808,7 +1756,6 @@ function copyInstall(el) {
 </script>
 <script>
 initializeBuyerIntentForms();
-initializePaidSprintPath();
 initializeTeamIntakeTelemetry();
 
 async function handleProCheckout() {
@@ -1833,6 +1780,11 @@ async function handleProCheckout() {
   if (typeof plausible === 'function') {
     plausible('pro_email_captured', { props: { page: 'homepage', intent: 'checkout' } });
   }
+  sendGa4Event('begin_checkout', {
+    currency: 'USD',
+    value: proPriceDollars,
+    items: [{ item_id: 'pro_monthly', item_name: 'ThumbGate Pro Monthly' }],
+  });
   try {
     await buyerIntent.submitNewsletterSignup(normalizedEmail);
   } catch (_err) {
@@ -1840,6 +1792,27 @@ async function handleProCheckout() {
   }
   globalThis.location.assign(checkoutUrl);
 }
+
+// Conversion-path safety: /services redirects to /#workflow-sprint-intake.
+// Modern browsers auto-open a <details> containing the hash target, but
+// older Safari/Firefox/Chrome (<2020) do not. Force-open any ancestor
+// <details> of the hash target so high-intent buyers always see the
+// paid intake content on arrival.
+function openDetailsForHash() {
+  var hash = globalThis.location.hash;
+  if (!hash || hash.length < 2) return;
+  var target;
+  try { target = document.querySelector(hash); } catch (_) { return; }
+  if (!target) return;
+  var el = target;
+  while (el && el !== document.body) {
+    if (el.tagName === 'DETAILS') { el.open = true; }
+    el = el.parentElement;
+  }
+  target.scrollIntoView({ behavior: 'auto', block: 'start' });
+}
+globalThis.addEventListener('DOMContentLoaded', openDetailsForHash);
+globalThis.addEventListener('hashchange', openDetailsForHash);
 </script>
 </body>
 </html>

package/public/learn.html

@@ -243,6 +243,14 @@
   <p class="hero-sub" style="font-size:0.85rem;margin-top:-1rem;">Updated: <time datetime="2026-04-20">2026-04-20</time> · by <a href="https://github.com/IgorGanapolsky" style="color:inherit;">Igor Ganapolsky</a></p>
 
   <div class="article-grid">
+    <a href="/learn/regulated-agent-execution-boundary" class="article-card">
+      <h3>The $1.4M Cost of Building Agent Guardrails — And Why Pre-Action Gates Are the Buy-Side Answer</h3>
+      <p>GitLab&apos;s Field CTO put a $1.4M / 18-month price tag on DIY agentic AI platforms in regulated industries. We agree with the buy thesis and name the layer the article didn&apos;t: the execution boundary between the platform and prod.</p>
+      <span class="article-tag">Regulated Industries</span>
+      <span class="article-tag">DORA / EU AI Act</span>
+      <span class="article-tag">Build vs Buy</span>
+    </a>
+
     <a href="/learn/stop-ai-agent-force-push" class="article-card">
       <h3>How to Stop AI Agents From Force-Pushing to Main</h3>
       <p>Your agent just ran git push --force on main. Again. Here is how to make that physically impossible with a pre-action check that takes two minutes to set up.</p>
@@ -266,6 +274,13 @@
       <span class="article-tag">PreToolUse</span>
       <span class="article-tag">Technical</span>
     </a>
+    <a href="/learn/ai-agent-governance" class="article-card">
+      <h3>AI Agent Governance — The Four Layers Pattern</h3>
+      <p>AI agent governance has four layers: prompt rules, decorator wrappers, pre-action hooks, sandbox isolation. Each catches a different failure mode. Pick the layer that matches your stack — and understand why prompt rules alone fail.</p>
+      <span class="article-tag">Governance</span>
+      <span class="article-tag">Architecture</span>
+      <span class="article-tag">Pattern</span>
+    </a>
     <a href="/learn/agent-harness-pattern" class="article-card">
       <h3>The Agent Harness Pattern: Why Your AI Needs a Seatbelt</h3>
       <p>Tsinghua researchers formalized agent harnesses as first-class objects with contracts, verification checks, and durable state. ThumbGate implements this pattern in production today.</p>
@@ -274,6 +289,22 @@
       <span class="article-tag">NLAH</span>
     </a>
 
+    <a href="/learn/agent-swarms-shared-gates" class="article-card">
+      <h3>Agent Swarms: One Gate Layer, Every Model</h3>
+      <p>A 5-agent swarm without shared memory pays 5&times; the tokens on every repeated mistake. Here is how a single MCP gate layer makes Opus, GPT, and Gemini fail the same way only once.</p>
+      <span class="article-tag">Agent Swarms</span>
+      <span class="article-tag">Multi-Agent</span>
+      <span class="article-tag">Shared Memory</span>
+    </a>
+
+    <a href="/learn/claude-code-goal-with-rubrics" class="article-card">
+      <h3>Claude Code /goal vs Todo: The 4-Field Pattern That Actually Holds</h3>
+      <p>Treating /goal like a todo wastes the command. The 4-field pattern (clear goal, measurable success, shown proof, hard limits) is the same shape as a ThumbGate rubric. Pair them and the agent cannot fake completion.</p>
+      <span class="article-tag">Claude Code</span>
+      <span class="article-tag">/goal Pattern</span>
+      <span class="article-tag">Rubric Enforcement</span>
+    </a>
+
     <a href="/learn/ai-agent-persistent-memory" class="article-card">
       <h3>How to Give Your AI Coding Agent Persistent Memory Across Sessions</h3>
       <p>Your agent forgets everything when the session ends. Here is how to give Claude Code, Cursor, Codex, and Gemini memory that survives restarts — without retraining.</p>

package/public/numbers.html

@@ -25,7 +25,7 @@
   "alternateName": "thumbgate",
   "applicationCategory": "DeveloperApplication",
   "operatingSystem": "Cross-platform, Node.js >=18.18.0",
-  "softwareVersion": "1.19.0",
+  "softwareVersion": "1.21.0",
   "url": "https://thumbgate-production.up.railway.app/numbers",
   "dateModified": "2026-05-07",
   "creator": {
@@ -202,7 +202,7 @@
 <main class="container">
   <h1>The Numbers</h1>
   <p class="subtitle">Generated first-party operational snapshot from the ThumbGate runtime. This is not customer traction, install volume, revenue, or proof that a configured gate has fired.</p>
-  <div class="freshness">Updated: 2026-05-07 · Version 1.19.0</div>
+  <div class="freshness">Updated: 2026-05-07 · Version 1.21.0</div>
   <div class="truth-note"><strong>Read this first:</strong> configured checks are inventory. Recorded blocks and warnings are usage evidence. This snapshot currently reports 0 recorded hard-block event(s) and 0 recorded warning event(s).</div>
 
   <h2>Gate enforcement</h2>