thumbgate 1.2.0 → 1.4.0

package/.claude-plugin/README.md

@@ -2,13 +2,13 @@
 
 `thumbgate` gives Claude Desktop a local-first **Reliability Gateway** and **Pre-Action Gates** for workflow hardening.
 
-The extension path is useful when a team wants Claude Desktop to keep one workflow sharper over time without adding another orchestration layer. The MCP server captures explicit feedback, recalls past failures, distills lessons from the recent conversation window when a thumbs signal is vague, promotes reusable prevention rules, and produces proof-backed rollout artifacts.
+The extension path is useful when a team wants Claude Desktop to keep one workflow sharper over time without adding another orchestration layer. The MCP server captures explicit feedback, recalls past failures, distills lessons from up to 8 prior recorded entries when the current Claude hook only gets a vague thumbs-down, promotes reusable prevention rules, and produces proof-backed rollout artifacts.
 
 ## Features
 
 - Workflow hardening for Claude-first engineering and ops workflows
 - Pre-Action Gates that block repeated mistakes before tool use
-- History-aware lesson distillation from the last ~10 messages and failed tool calls
+- History-aware lesson distillation from up to 8 prior recorded entries and failed tool calls in the current Claude auto-capture path
 - Reliability memory and recall across long sessions
 - Bounded context packs, provenance, and diagnostics
 - DPO export and analytics bundle generation after runtime reliability lands
@@ -105,9 +105,9 @@ Optional hosted path:
 
 **User prompt:** "👎 That was wrong."
 **Expected behavior:**
-- Claude Desktop can pass the last ~10 messages and the failed tool call into `capture_feedback`
+- Claude Desktop can pass up to 8 prior recorded entries and the failed tool call into `capture_feedback`
 - ThumbGate distills a proposed `whatWentWrong` and `whatToChange` from recent history
-- A linked follow-up note can refine the same feedback record with `relatedFeedbackId`
+- A linked 60-second follow-up session can refine the same feedback record with `relatedFeedbackId`
 
 ## Privacy Policy
 

package/.claude-plugin/marketplace.json

@@ -1,23 +1,42 @@
 {
-  "name": "thumbgate",
-  "version": "1.2.0",
+  "name": "thumbgate-marketplace",
+  "version": "1.4.0",
+  "owner": {
+    "name": "Igor Ganapolsky",
+    "email": "ig5973700@gmail.com"
+  },
   "plugins": [
     {
       "name": "thumbgate",
       "description": "Pre-action gates that block AI coding agents from repeating known mistakes. Captures feedback, auto-promotes failures into prevention rules, and enforces them via PreToolUse hooks.",
-      "type": "mcp",
       "source": {
-        "type": "npm",
-        "package": "thumbgate",
-        "command": "npx",
-        "args": [
-          "--yes",
-          "--package",
-          "thumbgate",
-          "thumbgate",
-          "serve"
-        ]
+        "source": "npm",
+        "package": "thumbgate"
       },
+      "version": "1.3.0",
+      "author": {
+        "name": "Igor Ganapolsky"
+      },
+      "homepage": "https://thumbgate-production.up.railway.app",
+      "repository": "https://github.com/IgorGanapolsky/ThumbGate",
+      "license": "MIT",
+      "category": "developer-tools",
+      "tags": [
+        "pre-action-gates",
+        "ai-agent-safety",
+        "mcp",
+        "memory",
+        "workflow-hardening"
+      ],
+      "keywords": [
+        "claude-desktop",
+        "desktop-extension",
+        "pre-action-gates",
+        "ai-agent-safety",
+        "mcp",
+        "memory",
+        "workflow-hardening"
+      ],
       "metadata": {
         "author": "Igor Ganapolsky",
         "homepage": "https://thumbgate-production.up.railway.app",

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "thumbgate",
   "description": "Pre-action gates that block AI coding agents from repeating known mistakes. Captures feedback, auto-promotes failures into prevention rules, and enforces them via PreToolUse hooks.",
-  "version": "1.2.0",
+  "version": "1.4.0",
   "author": {
     "name": "Igor Ganapolsky"
   },
@@ -17,5 +17,18 @@
     "memory",
     "guardrails",
     "workflow-hardening"
-  ]
+  ],
+  "skills": "skills",
+  "mcpServers": {
+    "thumbgate": {
+      "command": "npx",
+      "args": [
+        "--yes",
+        "--package",
+        "thumbgate",
+        "thumbgate",
+        "serve"
+      ]
+    }
+  }
 }

package/.well-known/llms.txt

@@ -0,0 +1,60 @@
+# ThumbGate — Pre-action gates for AI coding agents
+# https://thumbgate-production.up.railway.app
+# https://github.com/IgorGanapolsky/ThumbGate
+# https://www.npmjs.com/package/thumbgate
+
+> ThumbGate makes AI coding agents self-improving. Every mistake becomes
+> a prevention rule that physically blocks the agent from repeating it.
+> Feedback-driven enforcement via PreToolUse hooks.
+
+## What ThumbGate solves
+
+- AI coding agents repeat the same mistakes across sessions
+- CLAUDE.md and .cursorrules files are suggestions agents can ignore
+- No memory between sessions means no learning from corrections
+- Teams have no shared safety rules across developers
+
+## How it works
+
+1. Agent makes a mistake → developer gives thumbs-down
+2. ThumbGate captures context and infers a structured lesson
+3. Recurring failures get promoted to enforcement gates
+4. PreToolUse hooks block the pattern before it executes again
+5. Thompson Sampling adapts gate confidence over time
+
+## Who it's for
+
+- Developers using Claude Code, Cursor, Codex, Gemini CLI, or any MCP-compatible agent
+- Engineering teams that need shared agent safety rules
+- Anyone tired of re-correcting their AI coding assistant
+
+## Install
+
+```
+npx thumbgate init --agent claude-code
+```
+
+## Pricing
+
+- Free: 3 feedback captures/day, 5 lesson searches/day, 5 built-in gates
+- Pro: $19/mo or $149/yr — unlimited everything, auto-gate promotion, multi-repo sync
+- Founding Member: $49 one-time, Pro forever
+
+## Links
+
+- Documentation: https://thumbgate-production.up.railway.app/guide
+- Dashboard: https://thumbgate-production.up.railway.app/dashboard
+- GitHub: https://github.com/IgorGanapolsky/ThumbGate
+- npm: https://www.npmjs.com/package/thumbgate
+- Full LLM context: https://thumbgate-production.up.railway.app/public/llm-context.md
+
+## Compared to alternatives
+
+- vs CLAUDE.md: ThumbGate enforces rules via hooks, not suggestions in prompts
+- vs Mem0: ThumbGate is enforcement-first, not just memory storage
+- vs SpecLock: ThumbGate uses adaptive Thompson Sampling, not static rules
+- vs manual .cursorrules: ThumbGate auto-generates rules from feedback
+
+## Technical stack
+
+Node.js >=18.18, SQLite+FTS5 lesson DB, Thompson Sampling, LanceDB vectors, MCP protocol, PreToolUse hooks

package/.well-known/mcp/server-card.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate",
-  "version": "1.2.0",
+  "version": "1.4.0",
   "description": "ThumbGate — 👍👎 feedback that teaches your AI agent. Thumbs down a mistake, it never happens again.",
   "homepage": "https://github.com/IgorGanapolsky/thumbgate",
   "transport": "stdio",

package/README.md

@@ -1,25 +1,36 @@
 # ThumbGate
 
-Make your AI coding agent self-improving. ThumbGate turns thumbs-up and thumbs-down into a control plane for autonomous development: pre-action gates, workflow governance, and isolated execution guidance for high-risk runs.
+Make your AI coding agent self-improving — and authentically yours. ThumbGate turns thumbs-up and thumbs-down into a learned control plane for autonomous development: pre-action gates, a trained intervention policy, workflow governance, and isolated execution guidance for high-risk runs. Every gate enforces your team's actual standards, not generic AI patterns.
 
 [![CI](https://github.com/IgorGanapolsky/ThumbGate/actions/workflows/ci.yml/badge.svg)](https://github.com/IgorGanapolsky/ThumbGate/actions/workflows/ci.yml)
 [![npm](https://img.shields.io/npm/v/thumbgate)](https://www.npmjs.com/package/thumbgate)
 [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
-[![Try Free](https://img.shields.io/badge/Pro-Try%20Free%20→-635bff?style=for-the-badge&logo=stripe&logoColor=white)](https://thumbgate-production.up.railway.app/checkout/pro?utm_source=github&utm_medium=readme&utm_campaign=badge_cta)
+[![Start Sprint](https://img.shields.io/badge/Workflow%20Hardening%20Sprint-Start%20Intake%20→-16a34a?style=for-the-badge)](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=badge_cta#workflow-sprint-intake)
 
-**[Pro Page](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=pro_page)** · **[Live Dashboard](https://thumbgate-production.up.railway.app/dashboard?utm_source=github&utm_medium=readme&utm_campaign=top_cta)** · **[Pricing](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=top_cta#pricing)** · **[Setup Guide](https://thumbgate-production.up.railway.app/guide?utm_source=github&utm_medium=readme&utm_campaign=top_cta)**
+**[Workflow Hardening Sprint](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=top_cta#workflow-sprint-intake)** · **[Live Dashboard](https://thumbgate-production.up.railway.app/dashboard?utm_source=github&utm_medium=readme&utm_campaign=top_cta)** · **[Setup Guide](https://thumbgate-production.up.railway.app/guide?utm_source=github&utm_medium=readme&utm_campaign=top_cta)** · **[Install Codex Plugin](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip)** · **[Pro Page](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=pro_page)**
 
 **Popular buyer questions:** **[How to stop repeated AI agent mistakes](https://thumbgate-production.up.railway.app/guides/stop-repeated-ai-agent-mistakes?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Cursor guardrails](https://thumbgate-production.up.railway.app/guides/cursor-agent-guardrails?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Codex CLI guardrails](https://thumbgate-production.up.railway.app/guides/codex-cli-guardrails?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Gemini CLI memory + enforcement](https://thumbgate-production.up.railway.app/guides/gemini-cli-feedback-memory?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)**
 
+**Running Codex?** **[Download the standalone Codex plugin bundle](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip)** · **[Open the Codex install guide](plugins/codex-profile/INSTALL.md)**
+
 ### Get Started
 
-**ThumbGate Pro (Recommended)** — zero config, team analytics, shared lesson DB:
+**Best first paid motion for teams:** the **Workflow Hardening Sprint**.
+
+[![Start Workflow Hardening Sprint](https://img.shields.io/badge/>>%20Start%20Intake%20→%20Workflow%20Hardening%20Sprint-16a34a?style=for-the-badge)](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=get_started#workflow-sprint-intake)
+
+One workflow. One owner. One proof review. That is the fastest path to a paid team engagement because it qualifies a real blocker before anyone tries to sell a full rollout.
 
-[![Sign up for ThumbGate Pro](https://img.shields.io/badge/>>%20Start%20Free%20→%20ThumbGate%20Pro-635bff?style=for-the-badge)](https://thumbgate-production.up.railway.app/checkout/pro?utm_source=github&utm_medium=readme&utm_campaign=get_started)
+**Best first technical motion:** install the local CLI and let `init` wire the hooks and MCP transport for the agent you already use.
 
-Free for individual developers. Pro adds team dashboards, DPO export, and unlimited lesson search. [See pricing →](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=pricing_link#pricing)
+**Best first Codex motion:** install the published Codex plugin bundle if you want ThumbGate to show up as a first-class Codex plugin instead of wiring MCP by hand.
 
-**Paid path for individual operators:** [ThumbGate Pro](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=pro_page) is the buyer-ready page for the personal local dashboard, DPO export, and review-ready evidence. It makes the paid upgrade legible before checkout while the self-hosted path below stays optimized for open source evaluation.
+- Standalone download: `https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip`
+- Install guide: `plugins/codex-profile/INSTALL.md`
+
+Free stays for individual developers. The commercial path is enterprise-first: Team pricing anchors at **$99/seat/mo with a 3-seat minimum**, and the public paid motion starts with the Workflow Hardening Sprint so one blocker gets qualified before a wider rollout. [See pricing →](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=pricing_link#pricing)
+
+**Paid path for individual operators:** [ThumbGate Pro](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=pro_page) remains the self-serve side lane for the personal local dashboard, DPO export, and review-ready evidence. It is useful when one operator wants proof and debugging help without the team rollout motion.
 
 **Open Source (Self-Hosted):**
 
@@ -35,6 +46,18 @@ ThumbGate is the control plane for AI coding agents:
 - Workflow Sentinel scores blast radius before execution, so risky PR, release, and publish flows are visible early.
 - High-risk local actions can be routed into Docker Sandboxes, while hosted team automations use a signed isolated sandbox lane.
 - Team rollout stays tied to [Verification Evidence](docs/VERIFICATION_EVIDENCE.md) instead of trust-me operator claims.
+- AI agent outputs stay grounded in your team's actual standards — not generic patterns — because every gate enforces human judgment before the action executes.
+
+## Release Confidence
+
+Enterprise buyers do not just need a safer runtime. They need legible publishes.
+
+- Release-relevant PRs must carry a `.changeset/*.md` entry, so every shipped package version has a customer-readable explanation before publish.
+- [SemVer Policy](docs/SEMVER_POLICY.md) and version-sync checks keep `package.json`, `CHANGELOG.md`, plugin manifests, and installer metadata aligned.
+- CI enforces changeset coverage, version sync, tests, coverage, proof lanes, and operational integrity before merge.
+- Final close-out requires verifying the exact `main` merge commit, with proof anchored in [Verification Evidence](docs/VERIFICATION_EVIDENCE.md).
+
+See [Release Confidence](docs/RELEASE_CONFIDENCE.md) for the full trust chain.
 
 ## Before / After
 
@@ -77,6 +100,32 @@ Session 3:                           Session 3+:
    │                        │                            │
 ```
 
+## Use Cases
+
+- **Stop AI agent force-push to main** — Prevent lost commits with a pre-action gate that blocks `git push --force` on protected branches
+- **Prevent repeated database migration failures** — Each mistake becomes a searchable lesson that fires before the next migration attempt
+- **Block unauthorized file edits** — Control which files agents can modify with path-based gates
+- **Memory across sessions** — Agent remembers feedback from yesterday's mistakes without any manual rule-writing
+- **Shared team safety** — One developer's thumbs-down protects the whole team from the same mistake
+- **Auto-improving without human feedback** — Self-distillation mode evaluates agent outcomes and generates lessons automatically
+
+## FAQ
+
+**Is ThumbGate a model fine-tuning tool?**
+No. ThumbGate doesn't update model weights. It works by capturing feedback into structured lessons, injecting relevant context at runtime, and blocking bad actions via PreToolUse hooks.
+
+**How is this different from CLAUDE.md or .cursorrules?**
+CLAUDE.md files are suggestions that agents can ignore. ThumbGate gates are enforcement — they physically block the action before it executes via PreToolUse hooks. Gates also auto-generate from feedback instead of requiring manual rule-writing.
+
+**Does it work with my agent?**
+Yes. ThumbGate is MCP-compatible and works with Claude Code, Cursor, Codex, Gemini CLI, Amp, OpenCode, and any agent that supports PreToolUse hooks or MCP. Codex now has a standalone plugin bundle at `https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip` in addition to the repo-local profile.
+
+**What's the self-distillation mode?**
+ThumbGate can auto-evaluate agent action outcomes (test failures, reverted edits, error patterns) and generate prevention rules without any human feedback. Your agent gets smarter every session automatically.
+
+**Is it free?**
+Free tier: 3 feedback captures/day, 5 lesson searches/day, 5 built-in gates. Pro is $19/mo or $149/yr for solo operators who need the personal local dashboard and exports. Team rollout starts intake-first at $99/seat/mo with a 3-seat minimum when shared lessons, org visibility, and approval boundaries matter.
+
 ## The Loop
 
 ```
@@ -90,6 +139,8 @@ Session 3:                           Session 3+:
 
 ## Quick Start (Self-Hosted)
 
+ThumbGate is CLI-first. MCP is the compatibility transport, and `npx thumbgate init` wires it for the agent instead of making the transport the product.
+
 ```bash
 npx thumbgate init                                    # auto-detect agent + wire hooks
 npx thumbgate doctor                                  # health check
@@ -101,7 +152,62 @@ Or wire MCP directly: `claude mcp add thumbgate -- npx -y thumbgate serve`
 
 Works with **Claude Code, Cursor, Codex, Gemini, Amp, OpenCode**, and any MCP-compatible agent.
 
-> **Want team analytics and shared lessons?** [Start with ThumbGate Pro →](https://thumbgate-production.up.railway.app/checkout/pro?utm_source=github&utm_medium=readme&utm_campaign=quickstart_cta) Free for individual devs. No credit card required.
+Codex standalone plugin bundle: `https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip`
+
+Codex install guide: `plugins/codex-profile/INSTALL.md`
+
+> **Need shared enforcement, auditability, approval boundaries, and rollout proof for a team workflow?** [Start with the Workflow Hardening Sprint →](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=quickstart_cta#workflow-sprint-intake)
+>
+> **Need a personal dashboard and DPO export for yourself?** [See ThumbGate Pro →](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=quickstart_cta_pro)
+
+## Install for Your Agent
+
+### Claude Code
+```bash
+npx thumbgate init --agent claude-code
+```
+Wires PreToolUse hooks automatically. Works immediately.
+
+### Cursor
+```bash
+npx thumbgate init --agent cursor
+```
+Installs as a Cursor extension with 4 skills: capture-feedback, prevention-rules, search-lessons, recall-context.
+
+### Codex
+```bash
+npx thumbgate init --agent codex
+```
+Bridges to Codex CLI with 6 skills including adversarial review and second-pass analysis.
+
+### Gemini CLI
+```bash
+npx thumbgate init --agent gemini
+```
+
+### Amp
+```bash
+npx thumbgate init --agent amp
+```
+
+### Any MCP-Compatible Agent
+```bash
+npx thumbgate serve
+```
+Starts the MCP server on stdio. Connect from any MCP-compatible client.
+
+### Claude Desktop
+Add to your `claude_desktop_config.json`:
+```json
+{
+  "mcpServers": {
+    "thumbgate": {
+      "command": "npx",
+      "args": ["--yes", "thumbgate", "serve"]
+    }
+  }
+}
+```
 
 ## Built-in Gates
 
@@ -130,30 +236,32 @@ Works with **Claude Code, Cursor, Codex, Gemini, Amp, OpenCode**, and any MCP-co
               └─► lesson inferred from full conversation
 ```
 
-History-aware distillation turns vague signals into concrete lessons using the last ~10 messages and the failed tool call.
+History-aware distillation turns vague negative signals into concrete lessons. In the current Claude auto-capture path, ThumbGate can reuse up to 8 prior recorded conversation entries plus the failed tool call, then keep a linked 60-second follow-up session open for later clarification.
 
 Free and self-hosted users can invoke `search_lessons` directly through MCP, and via the CLI with `npx thumbgate lessons`.
 
-## Pricing
+## Buying Paths
 
 ```
-┌──────────────┬──────────────────────┬──────────────────────────────┐
-│    FREE      │ PRO $19/mo or $149/yr│   TEAM $12/seat/mo (min 3)   │
-├──────────────┼──────────────────────┼──────────────────────────────┤
-│ Unlimited    │ Unlimited feedback │ Shared hosted lesson DB      │
-│ feedback     │ captures + search  │ Org dashboard                │
-│ captures     │ DPO export         │ Gate template library         │
-│ 5 daily      │ Personal dashboard │ Isolated execution guidance   │
-│ lesson       │                    │                              │
-│ searches     │                    │                              │
-└──────────────┴────────────────────┴──────────────────────────────┘
+┌──────────────┬──────────────────────────────┬──────────────────────┐
+│    FREE      │   TEAM $99/seat/mo (min 3)   │ PRO $19/mo or $149/yr│
+├──────────────┼──────────────────────────────┼──────────────────────┤
+│ Local CLI    │ Workflow hardening sprint    │ Personal dashboard   │
+│ enforcement  │ Shared hosted lesson DB      │ DPO export           │
+│ 3 captures   │ Org dashboard                │ Review-ready exports │
+│ 5 searches   │ Approval + audit proof       │                      │
+│ Unlimited    │ Isolated execution guidance  │                      │
+│ recall       │                              │                      │
+└──────────────┴──────────────────────────────┴──────────────────────┘
 ```
 
-Free includes unlimited feedback captures, 5 daily lesson searches, unlimited recall, and gating. History-aware distillation turns vague feedback into concrete lessons. Feedback sessions (`open_feedback_session` → `append_feedback_context` → `finalize_feedback_session`) link follow-up context to one record.
+Free is the CLI-first adoption wedge: 3 daily feedback captures, 5 daily lesson searches, unlimited recall, and gating. History-aware distillation turns vague feedback into concrete lessons, and feedback sessions (`open_feedback_session` → `append_feedback_context` → `finalize_feedback_session`) keep later clarification linked to one record. The current Claude auto-capture path uses up to 8 prior recorded entries for vague thumbs-down signals; the follow-up session stays open for 60 seconds and resets when more context is appended.
+
+It does not update model weights in frontier LLMs. ThumbGate improves runtime behavior by training a local sidecar intervention policy from feedback, gate audits, and diagnostics, then using that policy to strengthen recall, verification, and enforcement decisions on future runs.
 
-It does not update model weights. It's context engineering plus execution control: enforcement that gets smarter every session, with Docker Sandboxes guidance for the riskiest local actions and a hosted isolated lane for team workflows.
+The fastest commercial path is not a generic self-serve subscription pitch. It is the Workflow Hardening Sprint: qualify one repeated failure in one valuable workflow, prove the control plane on that surface, then expand into Team seats when shared enforcement matters. Pro stays available as the side lane for a solo operator who needs a personal dashboard and export-ready evidence, but it is not the headline buying motion.
 
-**[Get Pro](https://thumbgate-production.up.railway.app/checkout/pro?utm_source=github&utm_medium=readme&utm_campaign=thumbgate)** | **[Start Team Rollout](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=team_rollout#workflow-sprint-intake)** | **[Live Dashboard](https://thumbgate-production.up.railway.app/dashboard?utm_source=github&utm_medium=readme&utm_campaign=thumbgate)**
+**[Start Workflow Hardening Sprint](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=team_rollout#workflow-sprint-intake)** | **[Live Dashboard](https://thumbgate-production.up.railway.app/dashboard?utm_source=github&utm_medium=readme&utm_campaign=thumbgate)** | **[See Pro](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=thumbgate)**
 
 ## Tech Stack
 
@@ -180,6 +288,8 @@ It does not update model weights. It's context engineering plus execution contro
 
 - [Commercial Truth](docs/COMMERCIAL_TRUTH.md) — pricing, claims, what we don't say
 - [Changeset Strategy](docs/CHANGESET_STRATEGY.md) — how release notes, version bumps, and customer-facing change records are enforced
+- [First Dollar Playbook](docs/FIRST_DOLLAR_PLAYBOOK.md) — the operator loop for turning one painful workflow into the next booked pilot
+- [Release Confidence](docs/RELEASE_CONFIDENCE.md) — how Changesets, SemVer, sync checks, proof lanes, and exact-merge verification make publishes inspectable
 - [SemVer Policy](docs/SEMVER_POLICY.md) — stable vs prerelease channel rules
 - [Verification Evidence](docs/VERIFICATION_EVIDENCE.md) — proof artifacts
 - [WORKFLOW.md](WORKFLOW.md) — agent-run contract (scope, hard stops, proof commands)

package/adapters/README.md

@@ -3,7 +3,7 @@
 - `chatgpt/openapi.yaml`: import into GPT Actions.
 - `gemini/function-declarations.json`: Gemini function-calling definitions.
 - `mcp/server-stdio.js`: underlying local MCP stdio server implementation.
-- `claude/.mcp.json`: example Claude Code MCP config using `npx --yes --package thumbgate@1.2.0 thumbgate serve`.
+- `claude/.mcp.json`: example Claude Code MCP config using `npx --yes --package thumbgate@1.4.0 thumbgate serve`.
 - `codex/config.toml`: example Codex MCP profile section using the same version-pinned portable launcher.
 - `amp/skills/thumbgate-feedback/SKILL.md`: Amp skill template.
 - `opencode/opencode.json`: portable OpenCode MCP profile using the same version-pinned portable launcher.

package/adapters/chatgpt/openapi.yaml

@@ -814,6 +814,98 @@ paths:
           description: Invalid dashboard render view or query
         '401':
           description: Unauthorized
+  /v1/decisions/evaluate:
+    post:
+      operationId: evaluateDecision
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [toolName]
+              properties:
+                toolName:
+                  type: string
+                command:
+                  type: string
+                filePath:
+                  type: string
+                changedFiles:
+                  type: array
+                  items:
+                    type: string
+                repoPath:
+                  type: string
+                baseBranch:
+                  type: string
+                requirePrForReleaseSensitive:
+                  type: boolean
+                requireVersionNotBehindBase:
+                  type: boolean
+      responses:
+        '200':
+          description: Persisted workflow-sentinel recommendation with decision-control metadata and actionId
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+        '400':
+          description: Invalid decision evaluation request
+        '401':
+          description: Unauthorized
+  /v1/decisions/outcome:
+    post:
+      operationId: recordDecisionOutcome
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [actionId, outcome]
+              properties:
+                actionId:
+                  type: string
+                outcome:
+                  type: string
+                actualDecision:
+                  type: string
+                actor:
+                  type: string
+                notes:
+                  type: string
+                latencyMs:
+                  type: number
+                metadata:
+                  type: object
+                  additionalProperties: true
+      responses:
+        '200':
+          description: Recorded a decision override, rollback, completion, or block outcome
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+        '400':
+          description: Invalid decision outcome request
+        '401':
+          description: Unauthorized
+  /v1/decisions/metrics:
+    get:
+      operationId: getDecisionMetrics
+      responses:
+        '200':
+          description: Decision-loop metrics derived from recorded evaluations and outcomes
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+        '401':
+          description: Unauthorized
   /v1/settings/status:
     get:
       operationId: getSettingsStatus
@@ -1115,6 +1207,82 @@ paths:
           description: DPO export accepted as a hosted background job
         '401':
           description: Unauthorized
+  /v1/documents:
+    get:
+      operationId: listImportedDocuments
+      parameters:
+        - in: query
+          name: query
+          schema:
+            type: string
+        - in: query
+          name: q
+          schema:
+            type: string
+        - in: query
+          name: tag
+          schema:
+            type: string
+        - in: query
+          name: limit
+          schema:
+            type: integer
+            default: 20
+      responses:
+        '200':
+          description: Imported policy and runbook documents
+        '401':
+          description: Unauthorized
+  /v1/documents/import:
+    post:
+      operationId: importDocument
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                filePath:
+                  type: string
+                content:
+                  type: string
+                title:
+                  type: string
+                sourceFormat:
+                  type: string
+                  enum: [markdown, text, yaml, json, html]
+                sourceUrl:
+                  type: string
+                tags:
+                  type: array
+                  items:
+                    type: string
+                proposeGates:
+                  type: boolean
+      responses:
+        '201':
+          description: Document imported
+        '400':
+          description: Invalid document import request
+        '401':
+          description: Unauthorized
+  /v1/documents/{documentId}:
+    get:
+      operationId: getImportedDocument
+      parameters:
+        - in: path
+          name: documentId
+          required: true
+          schema:
+            type: string
+      responses:
+        '200':
+          description: Imported document with proposed gates
+        '401':
+          description: Unauthorized
+        '404':
+          description: Imported document not found
   /v1/jobs:
     get:
       operationId: listHostedJobs

package/adapters/claude/.mcp.json

@@ -2,13 +2,13 @@
   "mcpServers": {
     "thumbgate": {
       "command": "npx",
-      "args": ["--yes", "--package", "thumbgate@1.2.0", "thumbgate", "serve"]
+      "args": ["--yes", "--package", "thumbgate@1.4.0", "thumbgate", "serve"]
     }
   },
   "hooks": {
     "preToolUse": {
       "command": "npx",
-      "args": ["--yes", "--package", "thumbgate@1.2.0", "thumbgate", "gate-check"]
+      "args": ["--yes", "--package", "thumbgate@1.4.0", "thumbgate", "gate-check"]
     }
   }
 }

package/adapters/codex/config.toml

@@ -1,9 +1,9 @@
 # Codex MCP profile (copy into ~/.codex/config.toml or merge section)
 [mcp_servers.thumbgate]
 command = "npx"
-args = ["--yes", "--package", "thumbgate@1.2.0", "thumbgate", "serve"]
+args = ["--yes", "--package", "thumbgate@1.4.0", "thumbgate", "serve"]
 
 # Hard PreToolUse hook for Codex
 [hooks.pre_tool_use]
 command = "npx"
-args = ["--yes", "--package", "thumbgate@1.2.0", "thumbgate", "gate-check"]
+args = ["--yes", "--package", "thumbgate@1.4.0", "thumbgate", "gate-check"]