thumbgate 1.25.1 → 1.26.0

package/.claude-plugin/marketplace.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate-marketplace",
-  "version": "1.25.1",
+  "version": "1.26.0",
   "owner": {
     "name": "Igor Ganapolsky",
     "email": "ig5973700@gmail.com"
@@ -14,7 +14,7 @@
         "source": "npm",
         "package": "thumbgate"
       },
-      "version": "1.25.1",
+      "version": "1.26.0",
       "author": {
         "name": "Igor Ganapolsky",
         "email": "ig5973700@gmail.com",

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "thumbgate",
   "description": "One 👎 becomes a hard rule the agent cannot bypass. Captures thumbs-down feedback, distills it into PreToolUse Pre-Action Checks, enforced across every future Claude Code session.",
-  "version": "1.25.1",
+  "version": "1.26.0",
   "author": {
     "name": "Igor Ganapolsky",
     "email": "ig5973700@gmail.com",

package/.well-known/mcp/server-card.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate",
-  "version": "1.25.1",
+  "version": "1.26.0",
   "description": "ThumbGate — 👍👎 feedback that teaches your AI agent. Thumbs down a mistake, it never happens again.",
   "homepage": "https://thumbgate.ai",
   "transport": "stdio",

package/adapters/claude/.mcp.json

@@ -2,13 +2,13 @@
   "mcpServers": {
     "thumbgate": {
       "command": "npx",
-      "args": ["--yes", "--package", "thumbgate@1.25.1", "thumbgate", "serve"]
+      "args": ["--yes", "--package", "thumbgate@1.26.0", "thumbgate", "serve"]
     }
   },
   "hooks": {
     "preToolUse": {
       "command": "npx",
-      "args": ["--yes", "--package", "thumbgate@1.25.1", "thumbgate", "gate-check"]
+      "args": ["--yes", "--package", "thumbgate@1.26.0", "thumbgate", "gate-check"]
     }
   }
 }

package/adapters/gemini/function-declarations.json

@@ -133,6 +133,7 @@
           "context": { "type": "string" },
           "mcpProfile": { "type": "string" },
           "bundleId": { "type": "string" },
+          "enforcePlanQuality": { "type": "boolean" },
           "approved": { "type": "boolean" }
         },
         "required": ["intentId"]

package/adapters/mcp/server-stdio.js

@@ -216,7 +216,7 @@ const {
   finalizeSession: finalizeFeedbackSession,
 } = require('../../scripts/feedback-session');
 
-const SERVER_INFO = { name: 'thumbgate-mcp', version: '1.25.1' };
+const SERVER_INFO = { name: 'thumbgate-mcp', version: '1.26.0' };
 const COMMERCE_CATEGORIES = [
   'product_recommendation',
   'brand_compliance',
@@ -637,7 +637,7 @@ function buildEstimateUncertaintyResponse(args = {}) {
 
 async function callTool(name, args = {}) {
   assertToolAllowed(name, getActiveMcpProfile());
-  if (name !== 'workflow_sentinel') {
+  if (name !== 'workflow_sentinel' && process.env.THUMBGATE_DISABLE_MCP_FIREWALL !== '1') {
     const firewallResult = (await evaluateGatesAsync(name, args)) || evaluateSecretGuard({ tool_name: name, tool_input: args });
     if (firewallResult && firewallResult.decision === 'deny') {
       const err = new Error(`Action blocked by Semantic Firewall: ${firewallResult.message}`);
@@ -779,6 +779,7 @@ async function callToolInner(name, args) {
           bundleId: args.bundleId,
           partnerProfile: args.partnerProfile,
           delegationMode: args.delegationMode,
+          enforcePlanQuality: args.enforcePlanQuality === true,
           approved: args.approved === true,
           repoPath: args.repoPath,
         }));

package/adapters/opencode/opencode.json

@@ -7,7 +7,7 @@
         "npx",
         "--yes",
         "--package",
-        "thumbgate@1.25.1",
+        "thumbgate@1.26.0",
         "thumbgate",
         "serve"
       ],

package/openapi/openapi.yaml

@@ -94,6 +94,8 @@ components:
         delegationMode:
           type: string
           enum: [off, auto, sequential]
+        enforcePlanQuality:
+          type: boolean
         approved:
           type: boolean
         repoPath:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate",
-  "version": "1.25.1",
+  "version": "1.26.0",
   "description": "ThumbGate self-improving agent governance: thumbs-up/down turns every mistake into a prevention rule and blocks repeat patterns. 36 pre-action checks, budget enforcement, and self-protection for Claude Code, Cursor, Codex, Gemini CLI, and Amp.",
   "homepage": "https://thumbgate.ai",
   "repository": {
@@ -101,6 +101,7 @@
     "scripts/hybrid-feedback-context.js",
     "scripts/hybrid-supervisor-agent.js",
     "scripts/inference-cache-policy.js",
+    "scripts/install-shim.js",
     "scripts/install-mcp.js",
     "scripts/internal-agent-bootstrap.js",
     "scripts/intervention-policy.js",
@@ -136,6 +137,7 @@
     "scripts/oss-pr-opportunity-scout.js",
     "scripts/otel-declarative-config.js",
     "scripts/perplexity-client.js",
+    "scripts/plan-gate.js",
     "scripts/plausible-server-events.js",
     "scripts/pr-manager.js",
     "scripts/private-core-boundary.js",
@@ -189,6 +191,7 @@
     "scripts/thompson-sampling.js",
     "scripts/thumbgate-bench.js",
     "scripts/thumbgate-search.js",
+    "scripts/trajectory-scorer.js",
     "scripts/token-savings.js",
     "scripts/token-tco.js",
     "scripts/tool-registry.js",
@@ -340,7 +343,7 @@
     "social:prospect:bluesky:dry": "node scripts/social-bluesky-prospecting.js --dry-run",
     "social:reply-publish:bluesky:dry": "node scripts/social-reply-monitor-bluesky.js --publish-approved --dry-run",
     "test:python": "python3 -m pytest tests/*.py",
-    "test": "npm run test:python && npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:session-analyzer && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:zernio && npm run test:platform-limits && npm run test:post-video && npm run test:post-everywhere-instagram && npm run test:post-everywhere-channels && npm run test:post-everywhere-zernio-default && npm run test:zernio-canonical-pollers && npm run test:zernio-status && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:memory-scope-readiness && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:operational-dashboard && npm run test:operator-artifacts && npm run test:operator-key-auth && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:mcp-tool-annotations && npm run test:mcp-oauth && npm run test:mcp-oauth-flow && npm run test:plan-gate && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:audit-pr-bot-contamination && npm run test:stripe-bootstrap-saas-catalog && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:cli-schema && npm run test:explore && npm run test:lesson-reranker && npm run test:lesson-retrieval && npm run test:lesson-semantic-retrieval && npm run test:cross-encoder && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:predictive-credible-range && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:lesson-canonical && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:community-course-platform-launch-kit && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:social-dedupe-cleanup && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:perplexity && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:thumbgate-bench && npm run test:seo-guides && npm run test:enforcement-loop && npm run test:cli-agent-experience && npm run test:bot-detection && npm run test:checkout-archived-product-guard && npm run test:postgres-guard && npm run test:checkout-bot-guard && npm run test:checkout-pro-confirmation-gate && npm run test:session-health && npm run test:session-episodes && npm run test:spec-gate && npm run test:decision-trace && npm run test:dashboard-insights && npm run test:telemetry-tracked-link-slug && npm run test:prompt-eval && npm run test:demo-voiceover && npm run test:gate-coherence && npm run test:gate-eval && npm run test:high-roi && npm run test:public-static-assets && npm run test:token-savings && npm run test:numbers-page && npm run test:workflow-gate-checkpoint && npm run test:lesson-export-import && npm run test:landing-page-claims && npm run test:competitive-positioning-marketing && npm run test:medium-weekly && npm run test:dashboard-deeplink-e2e && npm run test:public-package-parity && npm run test:token-savings-dashboard && npm run test:cursor-wiring && npm run test:pretooluse-injection && npm run test:recent-corrective-context && npm run test:durability-step && npm run test:mailer && npm run test:brand-assets && npm run test:enforcement-teeth && npm run test:bayes-optimal-gate && npm run test:swarm-coordinator && npm run test:session-report && npm run test:agent-reasoning-traces && npm run test:judge-reward && npm run test:llm-behavior-monitor && npm run test:prompting-os && npm run test:single-use-credential-gate && npm run test:structured-prompt-driven && npm run test:require-evidence-gate && npm run test:rule-validator && npm run test:bluesky-atproto && npm run test:social-reply-monitor-bluesky && npm run test:bluesky-delete-replies && npm run test:architect-kit-memory-bridge && npm run test:sonar-review-hotspots && npm run test:actionable-remediations && npm run test:gemini-embedding-policy && npm run test:agent-design-governance && npm run test:public-core-boundary && npm run test:hook-stop-verify-deploy && npm run test:hook-stop-anti-claim && npm run test:plausible-server-events && npm run test:activation-tracker && npm run test:unified-revenue-rollup && npm run test:conversion-rate-stats && npm run test:external-customer-audit && npm run test:telemetry-export && npm run test:stripe-checkout-diagnostic && npm run test:stripe-business-identity-probe && npm run test:revenue-observability-doctor && npm run test:public-bundle-ratchet && npm run test:stripe-payment-link-update && npm run test:ci-cd-hygiene-audit && npm run test:verify-marketing-pages-deployed && npm run test:install-email-capture && npm run test:install-shim && npm run test:hook-runtime-subcommands && npm run test:implementation-notes && npm run test:daily-block-cap && npm run test:free-to-paid-conversion-units && npm run test:metrics-real-endpoint && npm run test:cli-trial-and-help && npm run test:cost-cli && npm run test:silent-failure-cluster && npm run test:proof:truth && node --test tests/adaptive-reliability.test.js",
+    "test": "npm run test:python && npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:session-analyzer && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:zernio && npm run test:platform-limits && npm run test:post-video && npm run test:post-everywhere-instagram && npm run test:post-everywhere-channels && npm run test:post-everywhere-zernio-default && npm run test:zernio-canonical-pollers && npm run test:zernio-status && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:memory-scope-readiness && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:operational-dashboard && npm run test:operator-artifacts && npm run test:operator-key-auth && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:mcp-tool-annotations && npm run test:mcp-oauth && npm run test:mcp-oauth-flow && npm run test:plan-gate && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:audit-pr-bot-contamination && npm run test:stripe-bootstrap-saas-catalog && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:cli-schema && npm run test:explore && npm run test:lesson-reranker && npm run test:lesson-retrieval && npm run test:lesson-semantic-retrieval && npm run test:cross-encoder && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:predictive-credible-range && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:lesson-canonical && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:community-course-platform-launch-kit && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:social-dedupe-cleanup && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:perplexity && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:thumbgate-bench && npm run test:seo-guides && npm run test:enforcement-loop && npm run test:cli-agent-experience && npm run test:bot-detection && npm run test:checkout-archived-product-guard && npm run test:postgres-guard && npm run test:checkout-bot-guard && npm run test:checkout-pro-confirmation-gate && npm run test:session-health && npm run test:session-episodes && npm run test:spec-gate && npm run test:decision-trace && npm run test:dashboard-insights && npm run test:telemetry-tracked-link-slug && npm run test:prompt-eval && npm run test:demo-voiceover && npm run test:gate-coherence && npm run test:gate-eval && npm run test:high-roi && npm run test:public-static-assets && npm run test:token-savings && npm run test:numbers-page && npm run test:workflow-gate-checkpoint && npm run test:lesson-export-import && npm run test:landing-page-claims && npm run test:competitive-positioning-marketing && npm run test:medium-weekly && npm run test:dashboard-deeplink-e2e && npm run test:public-package-parity && npm run test:token-savings-dashboard && npm run test:cursor-wiring && npm run test:pretooluse-injection && npm run test:recent-corrective-context && npm run test:durability-step && npm run test:mailer && npm run test:brand-assets && npm run test:enforcement-teeth && npm run test:bayes-optimal-gate && npm run test:swarm-coordinator && npm run test:session-report && npm run test:agent-reasoning-traces && npm run test:judge-reward && npm run test:llm-behavior-monitor && npm run test:prompting-os && npm run test:single-use-credential-gate && npm run test:structured-prompt-driven && npm run test:require-evidence-gate && npm run test:rule-validator && npm run test:bluesky-atproto && npm run test:social-reply-monitor-bluesky && npm run test:bluesky-delete-replies && npm run test:architect-kit-memory-bridge && npm run test:sonar-review-hotspots && npm run test:actionable-remediations && npm run test:gemini-embedding-policy && npm run test:agent-design-governance && npm run test:public-core-boundary && npm run test:hook-stop-verify-deploy && npm run test:hook-stop-anti-claim && npm run test:plausible-server-events && npm run test:activation-tracker && npm run test:unified-revenue-rollup && npm run test:conversion-rate-stats && npm run test:external-customer-audit && npm run test:telemetry-export && npm run test:stripe-checkout-diagnostic && npm run test:stripe-business-identity-probe && npm run test:revenue-observability-doctor && npm run test:public-bundle-ratchet && npm run test:stripe-payment-link-update && npm run test:ci-cd-hygiene-audit && npm run test:verify-marketing-pages-deployed && npm run test:install-email-capture && npm run test:install-shim && npm run test:hook-runtime-subcommands && npm run test:implementation-notes && npm run test:daily-block-cap && npm run test:free-to-paid-conversion-units && npm run test:metrics-real-endpoint && npm run test:cli-trial-and-help && npm run test:cost-cli && npm run test:silent-failure-cluster && npm run test:proof:truth && node --test tests/adaptive-reliability.test.js && npm run test:mcp-oauth-reviewer",
     "test:hook-stop-verify-deploy": "node --test tests/hook-stop-verify-deploy.test.js",
     "test:hook-stop-anti-claim": "node --test tests/hook-stop-anti-claim.test.js",
     "test:plausible-server-events": "node --test tests/plausible-server-events.test.js tests/plausible-poller.test.js",
@@ -687,11 +690,12 @@
     "test:dashboard-page-clickability": "playwright test tests/e2e/dashboard-page-clickability.spec.js",
     "test:agent-manager-page-clickability": "playwright test tests/e2e/agent-manager-page-clickability.spec.js",
     "test:pricing-page-clickability": "playwright test tests/e2e/pricing-page-clickability.spec.js",
-    "test:proof:truth": "node --test tests/knowledge-entropy.test.js tests/mcp-wiring-doctor.test.js tests/sequence-guard.test.js tests/slopsquat-guard.test.js tests/slopsquat-stress.test.js tests/truth-and-proof.test.js tests/wire-proof-gate.test.js tests/adaptive-reliability.test.js",
+    "test:proof:truth": "node --test tests/knowledge-entropy.test.js tests/mcp-wiring-doctor.test.js tests/sequence-guard.test.js tests/slopsquat-guard.test.js tests/slopsquat-stress.test.js tests/truth-and-proof.test.js tests/wire-proof-gate.test.js tests/adaptive-reliability.test.js tests/coderabbit-patterns.test.js",
     "build:grok-plugin": "node scripts/build-grok-plugin.js",
     "promote:launch": "node scripts/x-autonomous-marketing.js",
     "feedback:ingest": "node scripts/ingest-manual-feedback.js",
-    "verify-proof": "node scripts/require-proof.js"
+    "verify-proof": "node scripts/require-proof.js",
+    "test:mcp-oauth-reviewer": "node --test tests/mcp-oauth-reviewer.test.js"
   },
   "keywords": [
     "mcp",

package/public/index.html

@@ -20,7 +20,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <meta property="og:image" content="https://thumbgate.ai/og.png">
 <meta name="twitter:card" content="summary_large_image">
 <meta name="twitter:image" content="https://thumbgate.ai/og.png">
-<meta name="thumbgate-version" content="1.25.1">
+<meta name="thumbgate-version" content="1.26.0">
 <meta name="keywords" content="ThumbGate, thumbgate, AI agent orchestration, AI experience orchestration, agentic development cycle, AC/DC framework, Guide Generate Verify Solve, agent enforcement layer, save LLM tokens, reduce Claude API cost, reduce OpenAI cost, AI agent token savings, prevent LLM retries, prevent hallucination retries, stop AI token waste, pre-action checks, agent governance, Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode, workflow hardening, context engineering, AI authenticity, brand authenticity AI">
 <link rel="canonical" href="__APP_ORIGIN__/">
 <link rel="alternate" type="text/markdown" title="ThumbGate LLM context" href="__APP_ORIGIN__/llm-context.md">
@@ -1586,7 +1586,7 @@ __GA_BOOTSTRAP__
       <a href="https://www.linkedin.com/in/igorganapolsky" target="_blank" rel="noopener">LinkedIn</a>
       <a href="/blog">Blog</a>
     </div>
-    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.25.1</span>
+    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.26.0</span>
   </div>
 </footer>
 

package/public/numbers.html

@@ -25,7 +25,7 @@
   "alternateName": "thumbgate",
   "applicationCategory": "DeveloperApplication",
   "operatingSystem": "Cross-platform, Node.js >=18.18.0",
-  "softwareVersion": "1.25.1",
+  "softwareVersion": "1.26.0",
   "url": "https://thumbgate.ai/numbers",
   "dateModified": "2026-05-07",
   "creator": {
@@ -202,7 +202,7 @@
 <main class="container">
   <h1>The Numbers</h1>
   <p class="subtitle">Generated first-party operational snapshot from the ThumbGate runtime. This is not customer traction, install volume, revenue, or proof that a configured gate has fired.</p>
-  <div class="freshness">Updated: 2026-05-07 · Version 1.25.1</div>
+  <div class="freshness">Updated: 2026-05-07 · Version 1.26.0</div>
   <div class="truth-note"><strong>Read this first:</strong> configured checks are inventory. Recorded blocks and warnings are usage evidence. This snapshot currently reports 0 recorded hard-block event(s) and 0 recorded warning event(s).</div>
 
   <h2>Gate enforcement</h2>

package/scripts/context-manager.js

@@ -1,6 +1,9 @@
 #!/usr/bin/env node
 'use strict';
 
+const fs = require('fs');
+const path = require('path');
+
 /**
  * Context Manager — Unified Context-Augmented Generation (CAG) Orchestrator
  *
@@ -248,6 +251,13 @@ function assembleUnifiedContext(params = {}) {
     reliabilityDirective = 'CAUTION: Conflicting past patterns detected for this action. Prioritize absolute ground truth verification over rapid completion.';
   }
 
+  // v1.26.0: CodeRabbit Planning Directive
+  const planPath = path.join(repoPath || process.cwd(), 'PLAN.md');
+  if (!fs.existsSync(planPath) && ['Bash', 'Write', 'Edit', 'Deploy'].includes(toolName)) {
+    const planReminder = 'ORCHESTRATION: High-risk action detected without a PLAN.md. Please document your intent, assumptions, and verification steps before proceeding.';
+    reliabilityDirective = reliabilityDirective ? `${reliabilityDirective}\n\n${planReminder}` : planReminder;
+  }
+
   const result = {
     tier,
     agentType: agentType || 'default',

package/scripts/gates-engine.js

@@ -55,6 +55,8 @@ const {
 const {
   evaluateSecurityScan,
 } = require('./security-scanner');
+const { evaluatePlanGate } = require('./plan-gate');
+const { getTrajectoryScore } = require('./trajectory-scorer');
 const { evaluateSequenceState } = loadOptionalModule('./sequence-guard', () => ({
   evaluateSequenceState: () => null,
 }));
@@ -91,6 +93,10 @@ const REMOTE_SIDE_EFFECT_BASH_PATTERN = /\b(?:git\s+push\b|gh\s+pr\s+(?:create|m
 const BOOSTED_RISK_BLOCK_SCORE = 0.8;
 const BOOSTED_RISK_MIN_EXAMPLES = 3;
 const PR_THREAD_RESOLUTION_ACTION = 'pr_thread_resolution_verified_after_commit';
+
+function isRuntimePlanGateEnabled() {
+  return process.env.THUMBGATE_PLAN_GATE === '1' || process.env.THUMBGATE_PLAN_GATE === 'true';
+}
 const PR_THREAD_RESOLUTION_CLAIM_PATTERN = '(?:thread|review|comment).*?(?:resolved|verified|checked|addressed|fixed)|(?:resolved|verified|checked|addressed|fixed).*?(?:thread|review|comment)';
 const PR_THREAD_RESOLUTION_REQUIRED_ACTIONS = ['pr_threads_checked', 'thread_resolution_verified'];
 
@@ -1512,6 +1518,23 @@ async function evaluateGatesAsync(toolName, toolInput, configPath) {
     return boostedRiskGuard;
   }
 
+  // Tier 1b: Planning and Trajectory (v1.26.0 - CodeRabbit Pattern).
+  // Keep runtime enforcement explicit so advisory planning checks do not mask
+  // higher-priority deny/approve gates in established workflows.
+  if (isRuntimePlanGateEnabled()) {
+    const planGate = evaluatePlanGate(toolName, toolInput);
+    if (planGate) {
+      recordStat(planGate.gate, planGate.decision === 'deny' ? 'block' : 'warn');
+      return planGate;
+    }
+
+    const trajectory = getTrajectoryScore();
+    if (trajectory.isDrifting) {
+      recordStat('strategic-drift', 'block');
+      return { decision: 'deny', gate: 'strategic-drift', message: trajectory.message, severity: 'high' };
+    }
+  }
+
   // Fast-path: feedback/recall tools skip metric gates entirely (avoids Stripe API calls)
   const METRIC_SKIP_TOOLS = ['capture_feedback', 'feedback_stats', 'recall', 'feedback_summary', 'prevention_rules'];
   const skipMetrics = METRIC_SKIP_TOOLS.includes(toolName);
@@ -1709,6 +1732,23 @@ function evaluateGates(toolName, toolInput, configPath) {
     return boostedRiskGuard;
   }
 
+  // Tier 1b: Planning and Trajectory (v1.26.0 - CodeRabbit Pattern).
+  // Keep runtime enforcement explicit so advisory planning checks do not mask
+  // higher-priority deny/approve gates in established workflows.
+  if (isRuntimePlanGateEnabled()) {
+    const planGate = evaluatePlanGate(toolName, toolInput);
+    if (planGate) {
+      recordStat(planGate.gate, planGate.decision === 'deny' ? 'block' : 'warn');
+      return planGate;
+    }
+
+    const trajectory = getTrajectoryScore();
+    if (trajectory.isDrifting) {
+      recordStat('strategic-drift', 'block');
+      return { decision: 'deny', gate: 'strategic-drift', message: trajectory.message, severity: 'high' };
+    }
+  }
+
   for (const gate of config.gates) {
     const matchDetails = matchGate(gate, toolName, toolInput);
     if (!matchDetails.matched) continue;
@@ -2135,10 +2175,7 @@ function buildRecentCorrectiveActionsContext(options = {}) {
 function buildRelevantLessonContext(toolName, toolInput) {
   if (!toolName) return null;
 
-  const { retrieveRelevantLessons, calculateRetrievalEntropy } = loadOptionalModule('./lesson-retrieval', () => ({
-    retrieveRelevantLessons: () => [],
-    calculateRetrievalEntropy: () => 0,
-  }));
+  const { retrieveRelevantLessons, calculateRetrievalEntropy, filterTopP } = loadOptionalModule("./lesson-retrieval", () => ({ retrieveRelevantLessons: () => [], calculateRetrievalEntropy: () => 0, filterTopP: (l) => l }));
 
   // Extract a searchable action context from the tool input
   const actionContext = extractActionContext(toolName, toolInput);

package/scripts/install-shim.js

@@ -0,0 +1,84 @@
+'use strict';
+
+/**
+ * install-shim.js — Install a stable shim at ~/.thumbgate/bin/thumbgate-hook
+ *
+ * The shim is a tiny shell script that always resolves thumbgate@latest,
+ * so hook commands in settings.local.json never go stale. This is the
+ * Volta-style pattern: a version-agnostic indirection layer that survives
+ * across thumbgate upgrades.
+ *
+ * The shim checks for a cached runtime binary first (fast path), and falls
+ * back to `npx --yes thumbgate@latest` (slow path, self-installs).
+ */
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const SHIM_DIR = path.join(os.homedir(), '.thumbgate', 'bin');
+const SHIM_PATH = path.join(SHIM_DIR, 'thumbgate-hook');
+const RUNTIME_BIN = path.join(os.homedir(), '.thumbgate', 'runtime', 'node_modules', '.bin', 'thumbgate');
+
+/**
+ * The shim script. Key design choices:
+ * - Uses `exec` to replace the shell process (no zombie processes)
+ * - Fast path: if cached runtime binary exists, exec it directly
+ * - Slow path: npx --yes thumbgate@latest (auto-installs)
+ * - Background upgrade: after the fast path succeeds once, spawn a
+ *   detached npm install to refresh the cache for next time
+ */
+function shimContent() {
+  const escapedRuntimeBin = JSON.stringify(RUNTIME_BIN);
+  const escapedRuntimeDir = JSON.stringify(path.join(os.homedir(), '.thumbgate', 'runtime'));
+
+  return `#!/usr/bin/env bash
+# ThumbGate hook shim — DO NOT EDIT
+# Installed by: thumbgate init
+# Purpose: version-agnostic hook entry point that always runs latest ThumbGate
+# Pattern: Volta-style stable shim (see https://volta.sh)
+
+set -euo pipefail
+
+RUNTIME_BIN=${escapedRuntimeBin}
+RUNTIME_DIR=${escapedRuntimeDir}
+
+# Fast path: cached runtime binary exists and is executable
+if [ -x "$RUNTIME_BIN" ]; then
+  # Spawn background upgrade (detached, no stdout/stderr, won't block hook)
+  ( nohup npm install --prefix "$RUNTIME_DIR" --no-save --omit=dev thumbgate@latest >/dev/null 2>&1 & ) 2>/dev/null || true
+  exec "$RUNTIME_BIN" "$@"
+fi
+
+# Slow path: no cached binary — install + exec via npx
+mkdir -p "$RUNTIME_DIR"
+exec npx --yes --package thumbgate@latest -- thumbgate "$@"
+`;
+}
+
+function installShim() {
+  fs.mkdirSync(SHIM_DIR, { recursive: true });
+  fs.writeFileSync(SHIM_PATH, shimContent(), { mode: 0o755 });
+  return SHIM_PATH;
+}
+
+function shimInstalled() {
+  try {
+    return fs.existsSync(SHIM_PATH) && (fs.statSync(SHIM_PATH).mode & 0o111) !== 0;
+  } catch {
+    return false;
+  }
+}
+
+function shimPath() {
+  return SHIM_PATH;
+}
+
+module.exports = {
+  installShim,
+  shimInstalled,
+  shimPath,
+  shimContent,
+  SHIM_DIR,
+  SHIM_PATH,
+};

package/scripts/plan-gate.js

@@ -0,0 +1,232 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * Plan Gate — implementing the CodeRabbit "Planning-First" pattern.
+ *
+ * 1. (Static) Validates structured 'PLAN.md' / 'PRD' content (used in loop-closure).
+ * 2. (Dynamic) Intercepts high-risk tool calls during agent execution.
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+const RISK_TOOLS = ['Bash', 'Write', 'Edit', 'Deploy'];
+
+// ---------------------------------------------------------------------------
+// Gate validators (Legacy / Loop Closure)
+// ---------------------------------------------------------------------------
+
+function countTableRows(content, sectionHeading) {
+  const sectionRegex = new RegExp(
+    `#+\\s*${sectionHeading}[^\\n]*\\n([\\s\\S]*?)(?=\\n#+\\s|$)`,
+  );
+  const match = content.match(sectionRegex);
+  if (!match) return 0;
+
+  const lines = match[1].split('\n').filter((l) => l.trim().startsWith('|'));
+  // Subtract header row and separator row
+  const dataRows = lines.filter(
+    (l) => !/^\|\s*-+/.test(l.trim()) && !/^\|\s*:?-+/.test(l.trim()),
+  );
+  // First row is the header
+  return Math.max(0, dataRows.length - 1);
+}
+
+function countContracts(content) {
+  const sectionRegex = /#+\s*Contracts[^\n]*\n([\s\S]*?)(?=\n#+\s|$)/;
+  const match = content.match(sectionRegex);
+  if (!match) return 0;
+
+  const section = match[1];
+  // Find code blocks and look for interface/type keywords inside them
+  const codeBlockRegex = /```[\s\S]*?```/g;
+  let count = 0;
+  let blockMatch;
+  while ((blockMatch = codeBlockRegex.exec(section)) !== null) {
+    const block = blockMatch[0];
+    const interfaceMatches = block.match(/\b(interface|type)\s+\w+/g);
+    if (interfaceMatches) count += interfaceMatches.length;
+  }
+  return count;
+}
+
+function countValidationScenarios(content) {
+  const sectionRegex =
+    /#+\s*Validation\s+Checklist[^\n]*\n([\s\S]*?)(?=\n#+\s|$)/;
+  const match = content.match(sectionRegex);
+  if (!match) return 0;
+
+  const lines = match[1].split('\n');
+  return lines.filter((l) => /^\s*-\s*\[\s*\]/.test(l)).length;
+}
+
+function getStatus(content) {
+  const match = content.match(/#+\s*Status[^\n]*\n\s*(\S+)/);
+  return match ? match[1].trim() : null;
+}
+
+function validatePlan(content) {
+  const questionCount = countTableRows(content, 'Clarifying Questions Resolved');
+  const contractCount = countContracts(content);
+  const scenarioCount = countValidationScenarios(content);
+  const status = getStatus(content);
+
+  const gates = [
+    {
+      name: 'Clarifying Questions',
+      pass: questionCount >= 3,
+      detail: `${questionCount} questions resolved`,
+    },
+    {
+      name: 'Contracts Defined',
+      pass: contractCount >= 1,
+      detail: `${contractCount} interface${contractCount !== 1 ? 's' : ''} found`,
+    },
+    {
+      name: 'Validation Checklist',
+      pass: scenarioCount >= 2,
+      detail: `${scenarioCount} scenarios defined`,
+    },
+    {
+      name: 'Status',
+      pass: status !== 'COMPLETE',
+      detail:
+        status === 'COMPLETE'
+          ? 'COMPLETE (already finished — cannot re-approve)'
+          : `${status || 'UNKNOWN'} (not COMPLETE)`,
+    },
+  ];
+
+  const allPass = gates.every((g) => g.pass);
+  return { gates, allPass };
+}
+
+function formatReport(result) {
+  const lines = result.gates.map(
+    (g) => `${g.pass ? '✅' : '❌'} ${g.name}: ${g.detail}`,
+  );
+  lines.push('');
+  lines.push(
+    result.allPass
+      ? 'RESULT: PASS — all gates satisfied'
+      : 'RESULT: BLOCKED — resolve issues above before spawning agents',
+  );
+  return lines.join('\n');
+}
+
+// ---------------------------------------------------------------------------
+// Dynamic Gating (CodeRabbit Orchestration Pattern)
+// ---------------------------------------------------------------------------
+
+/**
+ * Evaluates the planning state for the current tool call.
+ */
+function evaluatePlanGate(toolName, toolInput, options = {}) {
+  if (!RISK_TOOLS.includes(toolName)) return null;
+
+  const projectRoot = options.projectRoot || process.cwd();
+  const planPath = path.join(projectRoot, 'PLAN.md');
+
+  // Tier 1: Existence Check
+  if (!fs.existsSync(planPath)) {
+    return {
+      decision: 'warn',
+      gate: 'plan-gate-missing',
+      message: '⚠️ THUMBGATE: High-risk tool call without a PLAN.md. Please create a plan documenting your intent and assumptions.',
+      severity: 'high'
+    };
+  }
+
+  // Tier 2: Alignment Check (Simple)
+  const planContent = fs.readFileSync(planPath, 'utf8');
+  const action = toolName === 'Bash' ? toolInput.command : toolInput.filePath;
+  
+  if (action && !planContent.toLowerCase().includes(path.basename(action).toLowerCase())) {
+    return {
+      decision: 'warn',
+      gate: 'plan-gate-drift',
+      message: `⚠️ THUMBGATE: Strategic Drift detected. The action "${action}" is not mentioned in your PLAN.md.`,
+      severity: 'medium'
+    };
+  }
+
+  // Tier 3: Implicit Assumption Extraction
+  const assumptions = extractAssumptions(planContent);
+  if (assumptions.length > 0) {
+    return {
+      decision: 'warn',
+      gate: 'plan-gate-assumptions',
+      message: '🔍 THUMBGATE: Explicitly verify these implicit assumptions before proceeding:\n- ' + assumptions.join('\n- '),
+      severity: 'medium'
+    };
+  }
+
+  return null;
+}
+
+/**
+ * Scans plan content for "Assumes" or "Implicit" keywords.
+ */
+function extractAssumptions(content) {
+  const lines = content.split('\n');
+  const assumptions = [];
+  const regex = /(?:assume|assumption|implicit|pre-requisite|depends on)s?[:\-]?\s*(.*)/i;
+  
+  for (const line of lines) {
+    const match = line.match(regex);
+    if (match && match[1].trim()) {
+      assumptions.push(match[1].trim());
+    }
+  }
+  return assumptions.slice(0, 5);
+}
+
+// ---------------------------------------------------------------------------
+// Main
+// ---------------------------------------------------------------------------
+
+function run() {
+  const args = process.argv.slice(2);
+  const jsonFlag = args.includes('--json');
+  const filePath = args.find((a) => a !== '--json');
+
+  if (!filePath) {
+    console.error('Usage: node scripts/plan-gate.js <plan-file.md> [--json]');
+    process.exit(1);
+  }
+
+  const resolved = path.resolve(filePath);
+  if (!fs.existsSync(resolved)) {
+    console.error(`File not found: ${resolved}`);
+    process.exit(1);
+  }
+
+  const content = fs.readFileSync(resolved, 'utf-8');
+  const result = validatePlan(content);
+
+  if (jsonFlag) {
+    console.log(JSON.stringify(result, null, 2));
+  } else {
+    console.log(formatReport(result));
+  }
+
+  process.exit(result.allPass ? 0 : 1);
+}
+
+// Export for testing
+module.exports = {
+  validatePlan,
+  formatReport,
+  countTableRows,
+  countContracts,
+  countValidationScenarios,
+  getStatus,
+  evaluatePlanGate,
+  extractAssumptions,
+};
+
+// Run only when executed directly
+if (require.main === module) {
+  run();
+}

package/scripts/thompson-sampling.js

@@ -301,6 +301,24 @@ function getCalibration(model) {
 // Posterior Sampling
 // ---------------------------------------------------------------------------
 
+/**
+ * Return the Beta posterior parameters after applying Thompson temperature
+ * scaling. The posterior mean is preserved while precision changes:
+ * lower temperatures sharpen the posterior, higher temperatures flatten it.
+ *
+ * @param {Object} params - Category posterior parameters
+ * @param {number} temperature - Scaling factor (default 1.0)
+ * @returns {{ alpha: number, beta: number }}
+ */
+function getTemperatureScaledPosteriorParams(params, temperature = 1.0) {
+  const T = Math.max(0.01, Number(temperature) || 1.0);
+  const invT = 1.0 / T;
+  return {
+    alpha: Math.max(params.alpha * invT, 0.01),
+    beta: Math.max(params.beta * invT, 0.01),
+  };
+}
+
 /**
  * Draw one sample from the Beta posterior for each category.
  * Supports temperature scaling to adjust exploitation vs exploration.
@@ -318,13 +336,9 @@ function getCalibration(model) {
  */
 function samplePosteriors(model, temperature = 1.0) {
   const samples = {};
-  const T = Math.max(0.01, Number(temperature) || 1.0);
-  const invT = 1.0 / T;
 
   for (const [cat, params] of Object.entries(model.categories || {})) {
-    // Scale precision by inverse temperature
-    const alpha = Math.max(params.alpha * invT, 0.01);
-    const beta = Math.max(params.beta * invT, 0.01);
+    const { alpha, beta } = getTemperatureScaledPosteriorParams(params, temperature);
     samples[cat] = betaSample(alpha, beta);
   }
   return samples;
@@ -457,6 +471,7 @@ module.exports = {
   getReliability,
   isCalibrated,
   getCalibration,
+  getTemperatureScaledPosteriorParams,
   samplePosteriors,
   argmaxPosteriors,
   pickBestCategory,

package/scripts/tool-registry.js

@@ -476,6 +476,7 @@ const TOOLS = [
         bundleId: { type: 'string' },
         partnerProfile: { type: 'string' },
         delegationMode: { type: 'string', enum: ['off', 'auto', 'sequential'] },
+        enforcePlanQuality: { type: 'boolean' },
         approved: { type: 'boolean' },
         repoPath: { type: 'string' },
       },

package/scripts/trajectory-scorer.js

@@ -0,0 +1,63 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * Trajectory Scorer — Strategic Drift Detection.
+ *
+ * Measures the "Semantic Distance" between the original user intent 
+ * (from primer.md) and the current set of changed files.
+ *
+ * If the agent modifies too many unrelated files, it triggers a safety block.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
+
+function getTrajectoryScore(options = {}) {
+  const projectRoot = options.projectRoot || process.cwd();
+  const primerPath = path.join(projectRoot, 'primer.md');
+
+  if (!fs.existsSync(primerPath)) return { score: 0, isDrifting: false, drift: false };
+
+  const intent = fs.readFileSync(primerPath, 'utf8').toLowerCase();
+  
+  // Get currently modified files (unstaged + staged)
+  let changedFiles = options.changedFiles;
+  if (!changedFiles) {
+    try {
+      const output = execSync('git diff --name-only HEAD', { cwd: projectRoot, encoding: 'utf8' });
+      changedFiles = output.split('\n').filter(f => f.trim());
+    } catch {
+      return { score: 0, isDrifting: false, drift: false };
+    }
+  }
+
+  if (changedFiles.length === 0) return { score: 0, isDrifting: false, drift: false };
+
+  // Calculate drift: How many changed files are NOT mentioned in the intent?
+  let driftCount = 0;
+  for (const file of changedFiles) {
+    const base = path.basename(file).toLowerCase();
+    if (!intent.includes(base)) {
+      driftCount++;
+    }
+  }
+
+  const driftRatio = driftCount / changedFiles.length;
+  const isDrifting = driftRatio > 0.6 && changedFiles.length > 3;
+
+  return {
+    score: Number((1 - driftRatio).toFixed(2)),
+    changedCount: changedFiles.length,
+    driftCount,
+    isDrifting,
+    message: isDrifting 
+      ? `🚫 THUMBGATE: Strategic Drift Detected. You have modified ${changedFiles.length} files, but ${driftCount} of them were not mentioned in the original intent. Please refocus or update the intent.`
+      : null
+  };
+}
+
+module.exports = {
+  getTrajectoryScore
+};

package/src/api/server.js

@@ -3662,6 +3662,49 @@ function extractApiKey(req) {
   return '';
 }
 
+/**
+ * Map a ThumbGate key presented at the OAuth consent screen to a role.
+ *
+ * - When any key is configured (production), the presented key MUST match a
+ *   configured admin/operator/reviewer key; otherwise returns null (reject) so
+ *   the OAuth flow actually authenticates the holder.
+ * - When NO keys are configured (insecure/dev mode, e.g. local tests), any
+ *   non-empty key is accepted as role 'dev' to preserve local development.
+ *
+ * 'reviewer' (THUMBGATE_REVIEWER_KEY) is a read-only, independently-revocable
+ * credential safe to share with a directory reviewer — tool execution enforces
+ * read-only for it (see the tools/call handler).
+ */
+// Constant-time comparison of two API/OAuth bearer keys. We compare the raw
+// bytes with crypto.timingSafeEqual after an explicit equal-length guard
+// (timingSafeEqual throws on a length mismatch). No digest is taken: these are
+// high-entropy random credentials compared transiently at request time, not
+// user passwords stored at rest, so neither a KDF (bcrypt/scrypt/argon2) nor a
+// length-normalizing hash is appropriate — and hashing the credential here is
+// exactly what static analysis (correctly, for *stored* passwords) flags. The
+// only side-channel is whether the two keys share a length, which reveals
+// nothing useful about a random secret. Once lengths match, the byte compare
+// is constant-time and leaks no information about where they differ.
+function safeKeyEqual(a, b) {
+  const x = Buffer.from(String(a || ''), 'utf8');
+  const y = Buffer.from(String(b || ''), 'utf8');
+  if (x.length === 0 || y.length === 0 || x.length !== y.length) return false;
+  return require('crypto').timingSafeEqual(x, y);
+}
+
+function resolveKeyRole(key) {
+  const k = String(key || '').trim();
+  const adminKey = String(process.env.THUMBGATE_API_KEY || '').trim();
+  const operatorKey = String(process.env.THUMBGATE_OPERATOR_KEY || '').trim();
+  const reviewerKey = String(process.env.THUMBGATE_REVIEWER_KEY || '').trim();
+  const configured = [adminKey, operatorKey, reviewerKey].filter(Boolean);
+  if (configured.length === 0) return k ? 'dev' : null;
+  if (safeKeyEqual(k, adminKey)) return 'admin';
+  if (safeKeyEqual(k, operatorKey)) return 'operator';
+  if (safeKeyEqual(k, reviewerKey)) return 'reviewer';
+  return null;
+}
+
 /**
  * Admin-only guard for static THUMBGATE_API_KEY.
  * Billing keys are intentionally excluded from admin actions.
@@ -3883,7 +3926,8 @@ function createApiServer() {
               // operator/admin key — never "any non-empty bearer".
               const adminKey = String(process.env.THUMBGATE_API_KEY || '').trim();
               const operatorKey = String(process.env.THUMBGATE_OPERATOR_KEY || '').trim();
-              const rawKeyValid = Boolean(bearer) && ((adminKey && bearer === adminKey) || (operatorKey && bearer === operatorKey));
+              const reviewerKey = String(process.env.THUMBGATE_REVIEWER_KEY || '').trim();
+              const rawKeyValid = Boolean(bearer) && (safeKeyEqual(bearer, adminKey) || safeKeyEqual(bearer, operatorKey) || safeKeyEqual(bearer, reviewerKey));
               const authed = oauthSession
                 ? mcpOauth.tokenAudienceValid(oauthSession, resourceUrl)
                 : rawKeyValid;
@@ -3899,6 +3943,24 @@ function createApiServer() {
                 }));
                 return;
               }
+              // The reviewer credential (THUMBGATE_REVIEWER_KEY) is read-only: it may
+              // only invoke tools annotated readOnlyHint:true. This makes a credential
+              // safe to share (e.g. with a directory reviewer) without granting the
+              // ability to mutate shared server state.
+              const effectiveKey = oauthSession ? String(oauthSession.boundKey || '') : bearer;
+              const isReviewer = Boolean(reviewerKey) && safeKeyEqual(effectiveKey, reviewerKey);
+              if (isReviewer) {
+                const name = msg.params && msg.params.name;
+                const tool = MCP_TOOLS.find((t) => t.name === name);
+                const readOnly = Boolean(tool && tool.annotations && tool.annotations.readOnlyHint === true);
+                if (!readOnly) {
+                  sendJson(res, 200, {
+                    jsonrpc: '2.0', id: msg.id,
+                    error: { code: -32002, message: `Tool "${name}" requires write access; the reviewer credential is read-only.` },
+                  });
+                  return;
+                }
+              }
               (async () => {
                 try {
                   const { callTool } = require('../../adapters/mcp/server-stdio');
@@ -5278,6 +5340,14 @@ ${hidden}
           const form = new URLSearchParams(body);
           const redirectUri = form.get('redirect_uri') || '';
           const state = form.get('state') || '';
+          // Validate the presented ThumbGate key before issuing a code. When keys
+          // are configured (production) the key MUST match a configured admin /
+          // operator / reviewer key — otherwise OAuth would authenticate nobody.
+          // In insecure/dev mode (no keys configured) any non-empty key is accepted.
+          if (!resolveKeyRole(form.get('api_key') || '')) {
+            sendJson(res, 400, { error: 'access_denied', error_description: 'invalid ThumbGate API key' });
+            return;
+          }
           const issued = mcpOauth.createAuthorizationCode(oauthStore, {
             clientId: form.get('client_id') || '',
             redirectUri,
@@ -6796,6 +6866,7 @@ ${hidden}
             bundleId: body.bundleId,
             partnerProfile: body.partnerProfile,
             delegationMode: body.delegationMode,
+            enforcePlanQuality: body.enforcePlanQuality === true,
             approved: body.approved === true,
             repoPath: body.repoPath,
           });