thumbgate 1.23.0 → 1.23.2

package/public/lessons.html

@@ -12,7 +12,7 @@
   "@context": "https://schema.org",
   "@type": "WebPage",
   "name": "ThumbGate Lessons Learned",
-  "url": "https://thumbgate-production.up.railway.app/lessons",
+  "url": "https://thumbgate.ai/lessons",
   "dateModified": "2026-04-20",
   "author": {
     "@type": "Person",
@@ -26,7 +26,7 @@
   "publisher": {
     "@type": "Organization",
     "name": "ThumbGate",
-    "url": "https://thumbgate-production.up.railway.app"
+    "url": "https://thumbgate.ai"
   }
 }
 </script>

package/public/numbers.html

@@ -10,9 +10,9 @@
 <meta property="og:title" content="ThumbGate — The Numbers">
 <meta property="og:description" content="Generated first-party operational snapshot: configured gates, recorded interventions, and explicit zero-evidence caveats.">
 <meta property="og:type" content="website">
-<meta property="og:url" content="https://thumbgate-production.up.railway.app/numbers">
+<meta property="og:url" content="https://thumbgate.ai/numbers">
 <meta name="twitter:card" content="summary_large_image">
-<link rel="canonical" href="https://thumbgate-production.up.railway.app/numbers">
+<link rel="canonical" href="https://thumbgate.ai/numbers">
 <link rel="icon" type="image/png" href="/thumbgate-icon.png">
 <link rel="apple-touch-icon" href="/apple-touch-icon.png">
 <script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
@@ -25,8 +25,8 @@
   "alternateName": "thumbgate",
   "applicationCategory": "DeveloperApplication",
   "operatingSystem": "Cross-platform, Node.js >=18.18.0",
-  "softwareVersion": "1.23.0",
-  "url": "https://thumbgate-production.up.railway.app/numbers",
+  "softwareVersion": "1.23.2",
+  "url": "https://thumbgate.ai/numbers",
   "dateModified": "2026-05-07",
   "creator": {
     "@type": "Person",
@@ -46,7 +46,7 @@
   "@type": "Dataset",
   "name": "ThumbGate Operational Snapshot",
   "description": "First-party operational snapshot from the ThumbGate pre-action check runtime: configured checks, recorded block/warn events, estimated token savings from recorded blocks, and Bayes error rate when the sample supports it.",
-  "url": "https://thumbgate-production.up.railway.app/numbers",
+  "url": "https://thumbgate.ai/numbers",
   "license": "https://opensource.org/licenses/MIT",
   "creator": {
     "@type": "Person",
@@ -202,7 +202,7 @@
 <main class="container">
   <h1>The Numbers</h1>
   <p class="subtitle">Generated first-party operational snapshot from the ThumbGate runtime. This is not customer traction, install volume, revenue, or proof that a configured gate has fired.</p>
-  <div class="freshness">Updated: 2026-05-07 · Version 1.23.0</div>
+  <div class="freshness">Updated: 2026-05-07 · Version 1.23.2</div>
   <div class="truth-note"><strong>Read this first:</strong> configured checks are inventory. Recorded blocks and warnings are usage evidence. This snapshot currently reports 0 recorded hard-block event(s) and 0 recorded warning event(s).</div>
 
   <h2>Gate enforcement</h2>

package/public/pricing.html

@@ -12,6 +12,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <meta property="og:url" content="__APP_ORIGIN__/pricing">
 <meta property="og:image" content="/og.png">
 <link rel="canonical" href="__APP_ORIGIN__/pricing">
+<link rel="alternate" type="text/markdown" title="ThumbGate LLM context" href="__APP_ORIGIN__/llm-context.md">
 <link rel="icon" type="image/png" href="/thumbgate-icon.png">
 <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg">
 
@@ -49,7 +50,7 @@ __GA_BOOTSTRAP__
   "@context": "https://schema.org",
   "@type": "FAQPage",
   "mainEntity": [
-    { "@type": "Question", "name": "What does Pro add over the free CLI?", "acceptedAnswer": { "@type": "Answer", "text": "Free gives you unlimited captures and 5 active rules, running entirely on your machine. Pro is the hosted layer: lesson sync across machines, a dashboard without self-hosting, managed adapter updates, unlimited rules, and DPO export. You're paying for infrastructure we run, not features we hide." } },
+    { "@type": "Question", "name": "What does Pro add over the free CLI?", "acceptedAnswer": { "@type": "Answer", "text": "Free gives you 5 captures/day and 3 active rules, running entirely on your machine. Pro is the hosted layer: unlimited captures, unlimited rules, lesson sync across machines, a dashboard without self-hosting, managed adapter updates, and DPO export. You're paying for infrastructure we run, not features we hide." } },
     { "@type": "Question", "name": "Does ThumbGate send my code to the cloud?", "acceptedAnswer": { "@type": "Answer", "text": "No. The CLI is local-first — no data leaves your machine. Pro and Team add hosted sync for dashboards and shared lessons, but your source code stays local." } },
     { "@type": "Question", "name": "When should I pick Team over Pro?", "acceptedAnswer": { "@type": "Answer", "text": "When one engineer's correction should protect the whole team. Team shares the lesson database across seats so a fix in one repo prevents the same mistake in every repo." } },
     { "@type": "Question", "name": "Can I cancel anytime?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. Pro and Team are month-to-month with a 7-day refund window on the first charge. Cancel from the billing portal and your subscription ends at the period close." } }
@@ -237,8 +238,8 @@ __GA_BOOTSTRAP__
       <div class="price">$0</div>
       <div class="price-sub">Block repeated mistakes daily. Forever free for solo devs.</div>
       <ul>
-        <li>Unlimited feedback captures — every thumbs-down, every session</li>
-        <li>Up to 5 active prevention rules</li>
+        <li>5 feedback captures/day (25 total) — enough to see the value</li>
+        <li>Up to 3 active prevention rules</li>
         <li>All MCP integrations (Claude Code, Cursor, Codex, Gemini, Amp)</li>
         <li>PreToolUse hook blocking with built-in safety checks</li>
         <li>Runs 100% local — no account, no signup, no data leaves your machine</li>
@@ -257,7 +258,7 @@ __GA_BOOTSTRAP__
         <li><strong>Hosted lesson sync</strong> — corrections follow you across machines, no manual export</li>
         <li><strong>Managed adapter matrix</strong> — we track runtime changes in Claude Code, Cursor, Codex, Gemini, Amp so you don't</li>
         <li><strong>Hosted dashboard</strong> — see every blocked action, every rule that fired, without running your own server</li>
-        <li><strong>Unlimited prevention rules</strong> — free caps at 5 auto-promoted rules</li>
+        <li><strong>Unlimited prevention rules</strong> — free caps at 3 auto-promoted rules</li>
         <li><strong>DPO + HuggingFace export</strong> — training data from your real corrections</li>
         <li><strong>Auto-connect</strong> — new agent surfaces appear automatically after setup</li>
         <li>7-day refund window. Cancel anytime.</li>
@@ -296,7 +297,7 @@ __GA_BOOTSTRAP__
     <div class="faq-list">
       <div class="faq-item">
         <div class="faq-q">What does Pro add over the free CLI?</div>
-        <div class="faq-a">Free gives you unlimited captures and 5 active rules, running entirely on your machine. Pro is the hosted layer: lesson sync across machines, a dashboard without self-hosting, managed adapter updates, unlimited rules, and DPO export. You're paying for infrastructure we run, not features we hide.</div>
+        <div class="faq-a">Free gives you 5 captures/day and 3 active rules, running entirely on your machine. Pro is the hosted layer: unlimited captures, unlimited rules, lesson sync across machines, a dashboard without self-hosting, managed adapter updates, and DPO export. You're paying for infrastructure we run, not features we hide.</div>
       </div>
       <div class="faq-item">
         <div class="faq-q">Does ThumbGate send my code to the cloud?</div>

package/public/pro.html

@@ -11,6 +11,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <meta property="og:type" content="website">
 <meta property="og:url" content="__APP_ORIGIN__/pro">
 <link rel="canonical" href="__APP_ORIGIN__/pro">
+<link rel="alternate" type="text/markdown" title="ThumbGate LLM context" href="__APP_ORIGIN__/llm-context.md">
 <link rel="icon" type="image/png" href="/thumbgate-icon.png">
 <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg">
 <meta property="og:image" content="/og.png">
@@ -815,6 +816,28 @@ __GA_BOOTSTRAP__
   </div>
 </section>
 
+<section class="section" id="deterministic-loop">
+  <div class="container">
+    <div class="section-label">Why Pro now</div>
+    <h2 class="section-title">Black-box thumbs do not prove prevention. Pro gives the operator an audit loop.</h2>
+    <p class="section-intro">Native rating buttons can tell a vendor that an answer felt wrong. ThumbGate Pro gives you the operational record: the correction, the lesson, the rule, the blocked tool call, and the export path.</p>
+    <div class="grid-3">
+      <div class="feature-card">
+        <h3>Inspectable memory</h3>
+        <p>Search the exact lesson that came from a thumbs-down and see whether it is still active, warning-only, or blocking.</p>
+      </div>
+      <div class="feature-card">
+        <h3>Deterministic checks</h3>
+        <p>The enforcement layer evaluates tool name, arguments, working directory, command shape, confidence, and required evidence before the action runs.</p>
+      </div>
+      <div class="feature-card">
+        <h3>Exportable proof</h3>
+        <p>Take the same correction history into JSONL, DPO export, review packets, and team rollout conversations instead of trusting hidden memory.</p>
+      </div>
+    </div>
+  </div>
+</section>
+
 <section class="section" id="why-pay">
   <div class="container">
     <div class="section-label">Why operators pay</div>

package/scripts/billing.js

@@ -51,6 +51,7 @@ const {
 } = require('./analytics-window');
 const { ensureParentDir } = require('./fs-utils');
 const mailer = require('./mailer');
+const { recordCheckoutFunnelEvent } = require('./plausible-server-events');
 
 function loadWorkflowSprintIntakeModule() {
   const modulePath = path.resolve(__dirname, 'workflow-sprint-intake.js');
@@ -3038,6 +3039,22 @@ async function handleWebhook(rawBody, signature) {
           attribution,
         });
       }
+      // Fire Plausible purchase event so the funnel poller can measure
+      // end-to-end conversion: visitor → CTA → checkout → email → Stripe → purchase.
+      // Fire-and-forget (never blocks the webhook response).
+      void recordCheckoutFunnelEvent('purchase', {
+        page: '/success',
+        props: {
+          sessionId: session.id,
+          customerId,
+          traceId: traceId || '',
+          packId: packId || '',
+          amount: session.amount_total != null ? String(session.amount_total) : '',
+          currency: session.currency || '',
+          ...attribution,
+        },
+      });
+
       return {
         handled: true,
         action: 'provisioned_api_key',

package/scripts/commercial-offer.js

@@ -35,6 +35,78 @@ function normalizeSeatCount(value, fallback = TEAM_MIN_SEATS) {
   return Math.max(TEAM_MIN_SEATS, Math.round(parsed));
 }
 
+function trackedProUrl(source = 'cli_receipt', content = 'value_receipt') {
+  try {
+    const url = new URL(PRO_MONTHLY_PAYMENT_LINK);
+    url.searchParams.set('utm_source', source);
+    url.searchParams.set('utm_medium', 'cli');
+    url.searchParams.set('utm_campaign', 'pro_conversion');
+    url.searchParams.set('utm_content', content);
+    return url.toString();
+  } catch (_) {
+    return PRO_MONTHLY_PAYMENT_LINK;
+  }
+}
+
+function pluralize(count, singular, plural = `${singular}s`) {
+  return Number(count) === 1 ? singular : plural;
+}
+
+function buildCaptureReceipt({ signal, feedbackId, memoryId, actionType } = {}) {
+  const normalizedSignal = String(signal || '').toUpperCase() || 'UNKNOWN';
+  const lines = [
+    '',
+    'Value receipt',
+    '─'.repeat(50),
+    `  Stored proof   : ${normalizedSignal} feedback${feedbackId ? ` (${feedbackId})` : ''}`,
+    memoryId ? `  Local memory   : ${memoryId}` : '  Local memory   : saved locally',
+    actionType ? `  Rule pressure  : ${actionType}` : '  Rule pressure  : available for promotion',
+    '  Free today     : this proof protects this local machine',
+    '  Pro sync       : keep this lesson, rule, and dashboard synced across machines and agent runtimes',
+    '  Next proof     : npx thumbgate stats',
+    '  Cost proof     : npx thumbgate cost',
+    '',
+    `  Solo Pro       : ${PRO_PRICE_LABEL} for hosted sync, search, dashboard, and exports`,
+    `  Upgrade        : ${trackedProUrl('cli_capture_receipt', actionType || normalizedSignal.toLowerCase())}`,
+    `  Team path      : ${TEAM_PRICE_LABEL}; start with one repeated workflow failure`,
+    '                   https://thumbgate.ai/#workflow-sprint-intake',
+    '',
+  ];
+  return lines.join('\n');
+}
+
+function buildStatsReceipt(stats = {}) {
+  const negatives = Number(stats.negatives || stats.totalNegative || 0);
+  const blocked = Number(stats.gatesBlocked || stats.blocked || 0);
+  const warned = Number(stats.gatesWarned || stats.warned || 0);
+  const gates = Number(stats.totalGates || 0);
+  const autoPromoted = Number(stats.autoPromotedGates || 0);
+  const hasFriction = negatives > 0 || blocked > 0 || warned > 0 || gates > 0;
+  if (!hasFriction) return '';
+
+  const interventions = blocked + warned;
+  const lines = [
+    '',
+    'Paid-intent next step',
+    '─'.repeat(50),
+  ];
+  if (interventions > 0) {
+    lines.push(`  Proof already seen : ${interventions} gate ${pluralize(interventions, 'intervention')}`);
+  }
+  if (gates > 0) {
+    lines.push(`  Active prevention  : ${gates} ${pluralize(gates, 'gate')} (${autoPromoted} auto-promoted)`);
+  }
+  if (negatives > 0) {
+    lines.push(`  Failure pressure   : ${negatives} negative ${pluralize(negatives, 'signal')}`);
+  }
+  lines.push('  Show the buyer     : npx thumbgate cost');
+  lines.push('  Pro sync value     : keep these lessons/rules visible across laptops, CI, containers, and agent runtimes');
+  lines.push(`  Solo Pro           : ${trackedProUrl('cli_stats_receipt', 'proof_seen')}`);
+  lines.push('  Team workflow      : https://thumbgate.ai/#workflow-sprint-intake');
+  lines.push('');
+  return lines.join('\n');
+}
+
 module.exports = {
   PRO_MONTHLY_PAYMENT_LINK,
   PRO_ANNUAL_PAYMENT_LINK,
@@ -51,4 +123,7 @@ module.exports = {
   normalizePlanId,
   normalizeBillingCycle,
   normalizeSeatCount,
+  buildCaptureReceipt,
+  buildStatsReceipt,
+  trackedProUrl,
 };

package/scripts/dashboard.js

@@ -967,6 +967,20 @@ function computeAnalyticsSummary(feedbackDir, options = {}) {
   return {
     window: telemetry.window || analyticsWindow,
     telemetry,
+    firstPartyTrafficQuality: telemetry.trafficQuality || {
+      rawEvents: telemetry.totalEvents || 0,
+      externalEvents: 0,
+      excludedEvents: 0,
+      exclusionRate: 0,
+      byAudience: {},
+      byExclusionReason: {},
+      external: {
+        uniqueVisitors: 0,
+        pageViews: 0,
+        checkoutStarts: 0,
+      },
+      verdict: 'missing',
+    },
     funnel: {
       visitors: uniqueVisitors,
       sessions: telemetry.visitors ? telemetry.visitors.uniqueSessions || 0 : 0,
@@ -1149,16 +1163,42 @@ function computeInstrumentationReadiness(analytics, billing) {
   const coverage = billing && billing.coverage ? billing.coverage : {};
   const telemetry = analytics.telemetry || {};
   const visitors = telemetry.visitors || {};
+  const quality = telemetry.trafficQuality || analytics.firstPartyTrafficQuality || {};
+  const external = quality.external || {};
   const cli = telemetry.cli || {};
+  const plausibleExportConfigured = Boolean(
+    process.env.PLAUSIBLE_API_KEY && (process.env.PLAUSIBLE_SITE_ID || process.env.PLAUSIBLE_DOMAIN)
+  );
+  const posthogExportConfigured = Boolean(
+    (process.env.POSTHOG_PERSONAL_API_KEY || process.env.POSTHOG_API_KEY) && process.env.POSTHOG_PROJECT_ID
+  );
+  const ga4ExportConfigured = Boolean(
+    process.env.GA4_PROPERTY_ID && (process.env.GOOGLE_APPLICATION_CREDENTIALS || process.env.GOOGLE_CLIENT_EMAIL)
+  );
+  const dashboardGradeExportReady = plausibleExportConfigured || posthogExportConfigured || ga4ExportConfigured;
 
   return {
-    plausibleConfigured: /plausible\.io\/js\/script\.js|\/js\/analytics\.js/.test(landingPage),
+    plausibleConfigured: /plausible\.io\/js\/script(?:\.tagged-events)?\.js|\/js\/analytics\.js/.test(landingPage),
     ga4Configured: Boolean(runtimeConfig.gaMeasurementId),
     googleSearchConsoleConfigured: Boolean(runtimeConfig.googleSiteVerification),
     softwareApplicationSchemaPresent: /"@type": "SoftwareApplication"/.test(landingPage),
     faqSchemaPresent: /"@type": "FAQPage"/.test(landingPage),
     telemetryEventsPresent: (telemetry.totalEvents || 0) > 0,
     uniqueVisitorsTracked: visitors.uniqueVisitors || 0,
+    rawTelemetryEvents: quality.rawEvents || telemetry.totalEvents || 0,
+    externalTelemetryEvents: quality.externalEvents || 0,
+    excludedTelemetryEvents: quality.excludedEvents || 0,
+    externalVisitorsTracked: external.uniqueVisitors || 0,
+    externalPageViewsTracked: external.pageViews || 0,
+    externalCheckoutStartsTracked: external.checkoutStarts || 0,
+    externalVisitorPathsTracked: Array.isArray(external.visitorPaths) ? external.visitorPaths.length : 0,
+    internalTestPollutionRate: quality.exclusionRate || 0,
+    trafficQualityVerdict: quality.verdict || 'missing',
+    topExcludedTrafficReason: quality.topExclusionReason || null,
+    plausibleExportConfigured,
+    posthogExportConfigured,
+    ga4ExportConfigured,
+    dashboardGradeExportReady,
     cliInstallsTracked: cli.uniqueInstalls || 0,
     funnelEventsPresent: (analytics.reconciliation.telemetryCheckoutStarts || 0) > 0,
     seoSignalsPresent: (analytics.seo.landingViews || 0) > 0,
@@ -1865,8 +1905,10 @@ function printDashboard(data) {
   console.log('');
   console.log('\uD83D\uDCBC Growth Analytics');
   console.log(`  Unique Visitors  : ${analytics.trafficMetrics.visitors}`);
+  console.log(`  External Visitors: ${instrumentation.externalVisitorsTracked}`);
   console.log(`  Sessions         : ${analytics.trafficMetrics.sessions}`);
   console.log(`  Page Views       : ${analytics.trafficMetrics.pageViews}`);
+  console.log(`  External Views   : ${instrumentation.externalPageViewsTracked}`);
   console.log(`  CTA Clicks       : ${analytics.trafficMetrics.ctaClicks}`);
   console.log(`  Leads            : ${analytics.funnel.acquisitionLeads}`);
   console.log(`  Sprint Leads     : ${analytics.pipeline.workflowSprintLeads.total}`);
@@ -1877,6 +1919,7 @@ function printDashboard(data) {
   console.log(`  Booked Revenue   : $${(analytics.revenue.bookedRevenueCents / 100).toFixed(2)}`);
   console.log(`  Matched Journeys : ${analytics.reconciliation.matchedPaidOrders}/${analytics.reconciliation.telemetryCheckoutStarts}`);
   console.log(`  Buyer Loss       : ${analytics.buyerLoss.totalSignals}`);
+  console.log(`  Data Quality     : ${analytics.firstPartyTrafficQuality.verdict} (${instrumentation.excludedTelemetryEvents}/${instrumentation.rawTelemetryEvents} excluded)`);
   if (analytics.telemetry.visitors.topSource) {
     console.log(`  Top Source       : ${analytics.telemetry.visitors.topSource.key} (${analytics.telemetry.visitors.topSource.count}\u00D7)`);
   }
@@ -1896,6 +1939,15 @@ function printDashboard(data) {
   console.log(`  GA4              : ${instrumentation.ga4Configured ? 'configured' : 'missing'}`);
   console.log(`  Search Console   : ${instrumentation.googleSearchConsoleConfigured ? 'configured' : 'missing'}`);
   console.log(`  Telemetry Events : ${instrumentation.telemetryEventsPresent ? instrumentation.uniqueVisitorsTracked : 0} visitors`);
+  console.log(`  Clean Visitors   : ${instrumentation.externalVisitorsTracked} external (${Math.round((instrumentation.internalTestPollutionRate || 0) * 100)}% internal/test/bot events)`);
+  console.log(`  Clean Paths      : ${instrumentation.externalVisitorPathsTracked} first-party paths`);
+  if (instrumentation.topExcludedTrafficReason) {
+    console.log(`  Top Exclusion    : ${instrumentation.topExcludedTrafficReason.key} (${instrumentation.topExcludedTrafficReason.count}\u00D7)`);
+  }
+  console.log(`  Plausible Export : ${instrumentation.plausibleExportConfigured ? 'configured' : 'missing API credentials'}`);
+  console.log(`  PostHog Export   : ${instrumentation.posthogExportConfigured ? 'configured' : 'missing API credentials'}`);
+  console.log(`  GA4 Export       : ${instrumentation.ga4ExportConfigured ? 'configured' : 'missing API credentials'}`);
+  console.log(`  Visitor Paths    : ${instrumentation.dashboardGradeExportReady ? 'export-ready' : 'not dashboard-grade in repo'}`);
   console.log(`  SEO Signals      : ${instrumentation.seoSignalsPresent ? analytics.seo.landingViews : 0}`);
   console.log(`  Buyer Loss       : ${instrumentation.buyerLossSignalsPresent ? analytics.buyerLoss.totalSignals : 0}`);
   console.log(`  Attribution      : ${Math.round((instrumentation.trafficAttributionCoverage || 0) * 100)}% page-view coverage`);

package/scripts/gates-engine.js

@@ -1953,12 +1953,12 @@ function buildBlockActionProCta() {
     if (totalBlocks < 5) return null; // Too early — let them experience the product
 
     if (totalBlocks < 25) {
-      return '\n\n💡 Pro: sync rules across machines + dashboard analytics → thumbgate.ai/go/pro';
+      return '\n\n💡 Pro: keep this rule synced across laptops, CI, containers, and agent runtimes → thumbgate.ai/go/pro';
     }
     if (totalBlocks < 100) {
-      return `\n\n💡 ${totalBlocks} actions blocked. Pro keeps rules in sync everywhere → thumbgate.ai/go/pro ($19/mo)`;
+      return `\n\n💡 ${totalBlocks} actions blocked. Pro keeps these lessons/rules synced everywhere → thumbgate.ai/go/pro ($19/mo)`;
     }
-    return `\n\n💡 ${totalBlocks} mistakes caught. Your team could use this → thumbgate.ai/go/pro`;
+    return `\n\n💡 ${totalBlocks} mistakes caught. Your team could use shared hosted enforcement → thumbgate.ai/go/pro`;
   } catch (_) {
     return null;
   }

package/scripts/plausible-server-events.js

@@ -25,7 +25,7 @@
 
 const https = require('node:https');
 
-const DEFAULT_PLAUSIBLE_DOMAIN = 'thumbgate-production.up.railway.app';
+const DEFAULT_PLAUSIBLE_DOMAIN = 'thumbgate.ai';
 const PLAUSIBLE_ENDPOINT = 'https://plausible.io/api/event';
 const REQUEST_TIMEOUT_MS = 2_000;
 
@@ -142,6 +142,7 @@ const CHECKOUT_EVENT_NAMES = Object.freeze({
   view: 'Checkout Pro Viewed',
   emailSubmitted: 'Checkout Pro Email Submitted',
   stripeRedirect: 'Checkout Pro Stripe Redirect Started',
+  purchase: 'Checkout Pro Purchase Completed',
 });
 
 function recordCheckoutFunnelEvent(stage, options = {}) {

package/scripts/rate-limiter.js

@@ -12,35 +12,37 @@ const {
 const USAGE_FILE = path.join(process.env.HOME || '/tmp', '.thumbgate', 'usage-limits.json');
 
 // ──────────────────────────────────────────────────────────
-// Free tier: generous on captures (habit formation) and rules
-// (5 active gates), gated on Pro-only features (recall, search,
-// exports). Dashboard, exports, and unlimited rules drive Pro.
+// Free tier: tight enough to create upgrade pressure after
+// real usage. Captures and rules are capped so heavy users
+// hit the wall within the first week, not the first quarter.
 // ──────────────────────────────────────────────────────────
 const FREE_TIER_LIMITS = {
-  capture_feedback:   { daily: Infinity, lifetime: Infinity, label: 'feedback captures' },
-  prevention_rules:   { daily: Infinity, lifetime: Infinity, label: 'prevention rules generated' },
+  capture_feedback:   { daily: 5,        lifetime: 25,       label: 'feedback captures (5/day, 25 total on free)' },
+  prevention_rules:   { daily: 2,        lifetime: 6,        label: 'prevention rules generated (2/day on free)' },
   recall:             { daily: 0,        lifetime: 0,        label: 'recall queries (Pro only)' },
   search_lessons:     { daily: 0,        lifetime: 0,        label: 'lesson searches (Pro only)' },
   search_thumbgate:   { daily: 0,        lifetime: 0,        label: 'ThumbGate searches (Pro only)' },
   commerce_recall:    { daily: 0,        lifetime: 0,        label: 'commerce recalls (Pro only)' },
   export_dpo:         { daily: 0,        lifetime: 0,        label: 'DPO exports (Pro only)' },
   export_databricks:  { daily: 0,        lifetime: 0,        label: 'Databricks exports (Pro only)' },
-  construct_context_pack: { daily: Infinity, lifetime: Infinity, label: 'context packs' },
+  construct_context_pack: { daily: 3,    lifetime: Infinity,  label: 'context packs (3/day on free)' },
 };
 
-const FREE_TIER_MAX_GATES = 5; // 5 active prevention rules on free; Pro is unlimited
-const FREE_TIER_DAILY_BLOCKS = 10; // 10 gate blocks/day on free; after limit, deny → warn + upgrade CTA
+const FREE_TIER_MAX_GATES = 3; // 3 active prevention rules on free; Pro is unlimited
+const FREE_TIER_DAILY_BLOCKS = 3; // 3 gate blocks/day on free; after limit, deny → warn + upgrade CTA
 
 const UPGRADE_MESSAGE = `Pro: ${PRO_PRICE_LABEL} — unlimited rules, recall, lesson search, dashboard, and exports: ${PRO_MONTHLY_PAYMENT_LINK}\n  Team: ${TEAM_PRICE_LABEL} after workflow qualification.`;
 
 const PAYWALL_MESSAGES = {
-  prevention_rules: 'Free tier includes 5 active prevention rules. Promote more or unlock unlimited rules with Pro.',
+  capture_feedback: 'Free tier: 5 captures/day (25 total). Your feedback is stored locally — upgrade to capture unlimited.',
+  prevention_rules: 'Free tier includes 3 active prevention rules and 2 rule generations/day. Upgrade to Pro for unlimited rules.',
   recall: 'Recall is a Pro feature. Your past feedback is stored locally — upgrade to search and reuse it.',
   search_lessons: 'Lesson search is a Pro feature. Upgrade to find patterns in your agent\'s mistakes.',
+  construct_context_pack: 'Free tier: 3 context packs/day. Upgrade to Pro for unlimited.',
   default: 'This feature requires Pro. Start Pro — card required; billed today.',
 };
 
-const TRIAL_DAYS = 14;
+const TRIAL_DAYS = 7;
 
 function getInstallAgeDays() {
   try {
@@ -91,7 +93,8 @@ function isProTier(authContext) {
     const { isProLicensed } = require('./license');
     if (isProLicensed()) return true;
   } catch (_) {}
-  // 14-day reverse trial: new installs get full Pro access
+  // 7-day reverse trial: new installs get full Pro access, then hit a clear
+  // hosted-sync/unlimited-rules pay moment while the product is still fresh.
   if (isInTrialPeriod()) return true;
   return false;
 }
@@ -164,9 +167,10 @@ function checkLimit(action, authContext) {
 
   // Check daily limit
   if (dailyLimit !== Infinity && dailyCurrent >= dailyLimit) {
+    const paywallMsg = PAYWALL_MESSAGES[action] || PAYWALL_MESSAGES.default;
     return {
       allowed: false,
-      message: `Daily limit reached. ${UPGRADE_MESSAGE}`,
+      message: `Daily limit reached. ${paywallMsg}\n\n${UPGRADE_MESSAGE}`,
       used: dailyCurrent,
       limit: dailyLimit,
       limitType: 'daily',