thumbgate 1.26.8 → 1.27.2

package/public/index.html

@@ -20,7 +20,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <meta property="og:image" content="https://thumbgate.ai/og.png">
 <meta name="twitter:card" content="summary_large_image">
 <meta name="twitter:image" content="https://thumbgate.ai/og.png">
-<meta name="thumbgate-version" content="1.26.8">
+<meta name="thumbgate-version" content="1.27.2">
 <meta name="keywords" content="ThumbGate, thumbgate, AI agent orchestration, AI experience orchestration, agentic development cycle, AC/DC framework, Guide Generate Verify Solve, agent enforcement layer, save LLM tokens, reduce Claude API cost, reduce OpenAI cost, AI agent token savings, prevent LLM retries, prevent hallucination retries, stop AI token waste, pre-action checks, agent governance, Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode, workflow hardening, context engineering, AI authenticity, brand authenticity AI">
 <link rel="canonical" href="__APP_ORIGIN__/">
 <link rel="alternate" type="text/markdown" title="ThumbGate LLM context" href="__APP_ORIGIN__/llm-context.md">
@@ -574,6 +574,15 @@ __GA_BOOTSTRAP__
   .price-card li { font-size: 14px; color: var(--text-muted); padding: 6px 0; display: flex; align-items: flex-start; gap: 8px; }
   .price-card li::before { content: "✓"; color: var(--cyan); font-weight: 700; flex-shrink: 0; }
   .price-card.pro li::before { color: var(--cyan); }
+  .pricing-matrix { max-width: 1080px; margin: 24px auto 0; overflow-x: auto; border: 1px solid var(--border); border-radius: 12px; background: var(--bg-card); }
+  .pricing-matrix table { width: 100%; min-width: 760px; border-collapse: collapse; }
+  .pricing-matrix caption { text-align: left; padding: 18px 18px 0; color: var(--text); font-weight: 800; font-size: 16px; }
+  .pricing-matrix th,
+  .pricing-matrix td { padding: 13px 16px; border-bottom: 1px solid var(--border); text-align: left; vertical-align: top; font-size: 13px; line-height: 1.45; color: var(--text-muted); }
+  .pricing-matrix th { color: var(--cyan); background: rgba(34,211,238,0.06); font-weight: 800; }
+  .pricing-matrix tr:last-child td { border-bottom: 0; }
+  .pricing-matrix strong { color: var(--text); }
+  .pricing-note { max-width: 880px; margin: 14px auto 0; color: var(--text-muted); font-size: 12px; line-height: 1.55; text-align: center; }
   .btn-free,
   .btn-demo-link { display: block; text-align: center; padding: 10px; border: 1px solid var(--border); border-radius: 8px; color: var(--text); text-decoration: none; font-size: 14px; font-weight: 500; transition: border-color 0.15s; }
   .btn-free:hover,
@@ -722,7 +731,7 @@ __GA_BOOTSTRAP__
   <div class="container">
     <div class="hero-badge">👍 👎 The Firewall for AI Agents</div>
     <h1>The Infrastructure Firewall for AI Coding Agents.</h1>
-    <p class="hero-lede">AI will always hallucinate and break things. We don't try to make AI smarter; we make its mistakes harmless. ThumbGate keeps the Senior Architect in control by blocking dangerous tool calls before they hit the disk.</p>
+    <p class="hero-lede">AI agents will always hallucinate and break things — we make their mistakes harmless. ThumbGate runs in the PreToolUse hook on your machine and blocks the dangerous tool call — rm -rf, leaked keys, off-scope edits, a bad git push — before it executes. No server, no gateway, no waiting on an enterprise rollout.</p>
 
     <div class="hero-proof-card" aria-label="ThumbGate blocking example">
       <div class="terminal-row muted">$ agent attempts risky action</div>
@@ -765,6 +774,11 @@ __GA_BOOTSTRAP__
       <blockquote style="margin:0;font-size:18px;line-height:1.5;color:var(--text);font-style:italic;">&ldquo;A better dashboard doesn&rsquo;t make the agents more reliable. The hard part isn&rsquo;t visibility. It&rsquo;s trust.&rdquo;</blockquote>
       <figcaption style="margin-top:12px;font-size:13px;color:var(--text-muted);">— Rob May, CEO &amp; co-founder, Neurometric AI, in <a href="https://thenewstack.io/claude-code-agent-view/" target="_blank" rel="noopener" style="color:var(--cyan);">The New Stack</a> on Anthropic&rsquo;s Claude Code Agent View (May 2026). ThumbGate is the open-source layer that makes the trust part real: PreToolUse gates, thumbs-down to rule, audit trail on every interception.</figcaption>
     </figure>
+    <figure style="max-width:760px;margin:24px auto 0;padding:20px 24px;border-left:3px solid var(--cyan);background:rgba(34,211,238,0.04);border-radius:0 8px 8px 0;">
+      <p style="margin:0 0 8px;font-size:14px;color:var(--text-muted);text-transform:uppercase;letter-spacing:0.08em;">Local-first is the new default</p>
+      <blockquote style="margin:0;font-size:16px;line-height:1.55;color:var(--text);">Perplexity demoed a Personal Computer agent at Computex 2026 that <strong>asks the user before sending sensitive content to the cloud</strong>. Automation Anywhere shipped EnterpriseClaw with Cisco, NVIDIA, Okta, and OpenAI — <strong>central policy, locally enforced, audit reported back</strong>. The architectural debate is settled. ThumbGate runs the same pattern for the coding agent already on your laptop.</blockquote>
+      <figcaption style="margin-top:12px;font-size:13px;color:var(--text-muted);">Sources: Perplexity at Intel Computex keynote (2026-06-02), Automation Anywhere EnterpriseClaw launch (Imagine 2026), <a href="https://thenewstack.io/automation-anywhere-enterpriseclaw-ai-agents/" target="_blank" rel="noopener" style="color:var(--cyan);">The New Stack coverage</a>.</figcaption>
+    </figure>
     <div class="first-check-card" id="first-check">
       <div class="section-label" style="text-align:left;margin-bottom:8px;">First-Dollar Activation Path</div>
       <h2>Block your first repeated AI mistake in 5 minutes.</h2>
@@ -1364,7 +1378,7 @@ __GA_BOOTSTRAP__
       <div class="price-card pro" data-price-dollars="19">
         <div class="tier">Pro</div>
         <div class="price">$19<span style="font-size:16px;color:var(--text-dim)">/mo</span></div>
-        <div class="price-sub"><strong>The free npm package runs your gates locally and never expires.</strong> Pro is what we operate for you: hosted lesson sync across all your machines, adapter matrix kept current as agent runtimes ship breaking changes, and a dashboard you don't have to babysit.</div>
+        <div class="price-sub"><strong>Don't buy a tool — buy hosted sync + compatibility insurance.</strong> The free CLI runs your gates locally, but Pro is what we operate for you: secure SQLite sync across all your machines (saving you from managing database migrations manually across developer boxes) and active adapter maintenance to stay compatible with weekly breaking updates in Claude Code, Cursor, and Cline.</div>
         <ul>
           <li><strong>Block every repeat mistake</strong> — unlimited feedback captures and prevention rules (Free caps at 3 active rules)</li>
           <li><strong>Never re-explain a correction</strong> — lesson recall and search across sessions on every agent surface</li>
@@ -1393,6 +1407,7 @@ __GA_BOOTSTRAP__
           <li>Everything in Pro for each seat</li>
           <li>Shared lesson database for Team seats, with export/import and shared workflow rules</li>
           <li>Org dashboard visibility across agent surfaces</li>
+          <li>Enterprise Data Chat over local ThumbGate lessons, gates, and rollout readiness; Dialogflow CX / Vertex integration is enabled only when deployment evidence is configured</li>
           <li>Hosted review views for team verification evidence</li>
           <li>Check template library for deploys, publish, refunds, and DB work</li>
           <li>Workflow hardening sprint intake for approval boundaries and rollback safety</li>
@@ -1402,6 +1417,65 @@ __GA_BOOTSTRAP__
         <p style="font-size:11px;color:var(--text-muted);margin-top:8px;text-align:center;">Team is $49/seat/mo with a 3-seat minimum, but team rollouts start through intake so the workflow, shared rules, and rollout proof are explicit before checkout.</p>
       </div>
     </div>
+    <div class="pricing-matrix" aria-label="Plan capability comparison">
+      <table>
+        <caption>Compare plans at a glance</caption>
+        <thead>
+          <tr>
+            <th scope="col">Capability</th>
+            <th scope="col">Free</th>
+            <th scope="col">Pro</th>
+            <th scope="col">Team</th>
+            <th scope="col">Regulated</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr>
+            <td><strong>Best for</strong></td>
+            <td>Solo proof that a repeat mistake can be blocked</td>
+            <td>One operator who wants hosted sync, dashboard proof, and exports</td>
+            <td>Teams that need one person's correction to protect every seat</td>
+            <td>Banking, insurance, healthcare, public sector, or audited workflows</td>
+          </tr>
+          <tr>
+            <td><strong>Price</strong></td>
+            <td>$0</td>
+            <td>$19/mo or $149/yr</td>
+            <td>$49/seat/mo after scope, 3-seat minimum</td>
+            <td>Scoped after regulated intake</td>
+          </tr>
+          <tr>
+            <td><strong>Feedback captures</strong></td>
+            <td>5/day, 25 total</td>
+            <td>Unlimited</td>
+            <td>Unlimited shared across seats</td>
+            <td>Custom retention and evidence policy</td>
+          </tr>
+          <tr>
+            <td><strong>Active prevention rules</strong></td>
+            <td>3 active rules</td>
+            <td>Unlimited personal rules</td>
+            <td>Shared org rules plus per-seat rules</td>
+            <td>Policy templates, approvals, and audit export</td>
+          </tr>
+          <tr>
+            <td><strong>Dashboard and proof</strong></td>
+            <td>Local CLI evidence</td>
+            <td>Personal dashboard, check debugger, DPO/HF exports</td>
+            <td>Org dashboard, hosted review views, workflow rollout proof</td>
+            <td>SIEM-ready decision trail and compliance evidence package</td>
+          </tr>
+          <tr>
+            <td><strong>How to start</strong></td>
+            <td><code>npx thumbgate init</code></td>
+            <td>Self-serve Stripe checkout</td>
+            <td>Send one repeated workflow failure first</td>
+            <td>Start regulated workflow review</td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+    <p class="pricing-note">Free proves the enforcement loop. Pro removes solo limits. Team and Regulated plans start through intake because shared rules, permissions, rollback paths, and rollout proof must be explicit before checkout.</p>
     <div style="max-width:1080px;margin:24px auto 0;">
       <div class="price-card regulated" style="border:1px solid var(--cyan);background:linear-gradient(180deg, rgba(34,211,238,0.04), transparent);padding:24px 28px;">
         <div style="display:flex;flex-wrap:wrap;align-items:flex-start;gap:24px;justify-content:space-between;">
@@ -1416,6 +1490,7 @@ __GA_BOOTSTRAP__
               <li><strong>Self-managed deployment</strong> — air-gapped or VPC-hosted; no agent state leaves your boundary</li>
               <li><strong>DORA / EU AI Act evidence packaging</strong> — machine-readable reports aligned to Article 6, 28, and high-risk provider monitoring obligations</li>
               <li><strong>SSO + role separation</strong> — operator, reviewer, and auditor roles enforced at the gate layer</li>
+              <li><strong>Enterprise Data Chat</strong> — local ThumbGate data Q&amp;A with Dialogflow CX / Vertex-ready governance; live cloud-agent claims require deployment evidence first</li>
               <li><strong>Workflow proof plan included</strong> — a scoped review that proves the boundary against one of your real repeated-failure cases before broader rollout</li>
               <li><strong>Quarterly red-team review</strong> — prompt-injection and policy-bypass exercises with written findings</li>
             </ul>
@@ -1594,7 +1669,7 @@ __GA_BOOTSTRAP__
       <a href="https://www.linkedin.com/in/igorganapolsky" target="_blank" rel="noopener">LinkedIn</a>
       <a href="/blog">Blog</a>
     </div>
-    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.26.8</span>
+    <span class="footer-copy">© 2026 ThumbGate · MIT License · npm v1.27.2</span>
   </div>
 </footer>
 

package/public/learn.html

@@ -79,6 +79,36 @@
       {
         "@type": "ListItem",
         "position": 7,
+        "url": "https://thumbgate.ai/learn/agentic-enterprise-context-brain",
+        "name": "Agentic Enterprise Context Brain: Memory Plus Enforcement"
+      },
+      {
+        "@type": "ListItem",
+        "position": 8,
+        "url": "https://thumbgate.ai/learn/deterministic-agent-workflows",
+        "name": "Deterministic Agent Workflows Need Runtime Gates"
+      },
+      {
+        "@type": "ListItem",
+        "position": 9,
+        "url": "https://thumbgate.ai/learn/codex-role-plugins-need-governance",
+        "name": "Codex Role Plugins Need Pre-Action Governance"
+      },
+      {
+        "@type": "ListItem",
+        "position": 10,
+        "url": "https://thumbgate.ai/learn/agentic-os-team-governance",
+        "name": "Agentic OS Team Governance: Three Tiers Plus Gates"
+      },
+      {
+        "@type": "ListItem",
+        "position": 11,
+        "url": "https://thumbgate.ai/learn/cost-aware-agent-gate-routing",
+        "name": "Cost-Aware Agent Gate Routing"
+      },
+      {
+        "@type": "ListItem",
+        "position": 12,
         "url": "https://thumbgate.ai/learn/from-prototype-to-production",
         "name": "From git init to v1.17.0 in 70 days: an honest ThumbGate build log"
       },
@@ -327,6 +357,46 @@
       <span class="article-tag">Session Persistence</span>
     </a>
 
+    <a href="/learn/agentic-enterprise-context-brain" class="article-card">
+      <h3>Agentic Enterprise Context Brain: Memory Plus Enforcement</h3>
+      <p>Enterprise agents need a context brain, but memory alone does not stop a repeated bad action. This guide turns facts, trust scores, prior failures, approvals, and evidence into pre-action gates.</p>
+      <span class="article-tag">Agentic Enterprise</span>
+      <span class="article-tag">Memory OS</span>
+      <span class="article-tag">Enforcement</span>
+    </a>
+
+    <a href="/learn/deterministic-agent-workflows" class="article-card">
+      <h3>Deterministic Agent Workflows Need Runtime Gates</h3>
+      <p>Claude Code workflows make orchestration scriptable and reviewable. ThumbGate adds the missing trust layer: run contracts, proof gates, and repeat-failure blocks before each tool call executes.</p>
+      <span class="article-tag">Claude Code</span>
+      <span class="article-tag">Workflows</span>
+      <span class="article-tag">Proof Gates</span>
+    </a>
+
+    <a href="/learn/codex-role-plugins-need-governance" class="article-card">
+      <h3>Codex Role Plugins Need Pre-Action Governance</h3>
+      <p>Codex plugins, Sites, and annotations move agent work into sales, analytics, design, finance, and documents. ThumbGate gates role-specific writes before they publish, share, or update business systems.</p>
+      <span class="article-tag">Codex Plugins</span>
+      <span class="article-tag">Sites</span>
+      <span class="article-tag">Governance</span>
+    </a>
+
+    <a href="/learn/agentic-os-team-governance" class="article-card">
+      <h3>Agentic OS Team Governance: Three Tiers Plus Gates</h3>
+      <p>A team Agentic OS needs human-editable source of truth, agent-operating files, git backup, permission mirroring, and memory scope. ThumbGate turns that architecture into runtime checks.</p>
+      <span class="article-tag">Agentic OS</span>
+      <span class="article-tag">Team Memory</span>
+      <span class="article-tag">Enterprise</span>
+    </a>
+
+    <a href="/learn/cost-aware-agent-gate-routing" class="article-card">
+      <h3>Cost-Aware Agent Gate Routing</h3>
+      <p>Use deterministic rules, semantic cache, local classifiers, local semantic recall, LLM judges, and human review in the right order so governance stays fast enough to leave on.</p>
+      <span class="article-tag">Semantic Cache</span>
+      <span class="article-tag">Rubrics</span>
+      <span class="article-tag">Cost Control</span>
+    </a>
+
     <a href="/learn/from-prototype-to-production" class="article-card">
       <h3>From git init to v1.17.0 in 70 days: an honest ThumbGate build log</h3>
       <p>70 days, 112 commits, 17 minor releases, 6k npm downloads, $0 cold-traffic revenue. The unedited story of taking ThumbGate from a one-line repo init to live production — including the part that's still broken.</p>

package/public/lessons.html

@@ -385,8 +385,32 @@ const LOCAL_PRO_BOOTSTRAP = __LESSONS_BOOTSTRAP_ENABLED__;
 function escHtml(s) { var d = document.createElement('div'); d.textContent = s; return d.innerHTML; }
 function escAttr(s) { return escHtml(String(s || '')).replace(/"/g, '"'); }
 
+let ACTIVE_PROJECT_DIR = '';
+try {
+  var urlParams = new URLSearchParams(window.location.search);
+  ACTIVE_PROJECT_DIR = urlParams.get('project') || '';
+} catch (e) {}
+
+function preserveProjectQueryParams() {
+  if (!ACTIVE_PROJECT_DIR) return;
+  var links = document.querySelectorAll('a[href^="/dashboard"], a[href^="/lessons"], a[href="/"]');
+  links.forEach(function(link) {
+    try {
+      var url = new URL(link.href, window.location.origin);
+      url.searchParams.set('project', ACTIVE_PROJECT_DIR);
+      link.href = url.pathname + url.search + url.hash;
+    } catch (e) {}
+  });
+}
+
+window.addEventListener('DOMContentLoaded', preserveProjectQueryParams);
+
 function getHeaders() {
-  return { 'Authorization': 'Bearer ' + API_KEY, 'Content-Type': 'application/json' };
+  var headers = { 'Authorization': 'Bearer ' + API_KEY, 'Content-Type': 'application/json' };
+  if (ACTIVE_PROJECT_DIR) {
+    headers['x-thumbgate-project-dir'] = ACTIVE_PROJECT_DIR;
+  }
+  return headers;
 }
 
 function hasBootstrapKey() {
@@ -791,14 +815,107 @@ function deriveSeverity(lesson) {
   return 'info';
 }
 
+function cleanLiveTitle(titleText, contextText) {
+  if (!titleText) return 'Lesson';
+  var prefix = '';
+  var rest = titleText;
+  var match = titleText.match(/^(MISTAKE|SUCCESS|LEARNING|PREFERENCE):\s*(.*)/i);
+  if (match) {
+    prefix = match[1].toUpperCase() + ': ';
+    rest = match[2];
+  }
+  
+  var trimmed = rest.trim();
+  var isJson = trimmed.indexOf('{') === 0;
+  
+  if (isJson) {
+    try {
+      var parsed = JSON.parse(trimmed);
+      var promptVal = parsed.prompt;
+      var hookVal = parsed.hook_event_name || parsed.hookEventName;
+      if (promptVal) {
+        var dirName = parsed.cwd ? parsed.cwd.split('/').pop() : '';
+        return prefix + 'Prompt "' + promptVal + '"' + (dirName ? ' inside ' + dirName : '');
+      }
+      if (hookVal) {
+        var dirName = parsed.cwd ? parsed.cwd.split('/').pop() : '';
+        return prefix + 'Hook event ' + hookVal + (dirName ? ' inside ' + dirName : '');
+      }
+      if (parsed.signal) {
+        var dirName = parsed.cwd ? parsed.cwd.split('/').pop() : '';
+        return prefix + (parsed.signal === 'up' ? 'Thumbs Up' : 'Thumbs Down') + (dirName ? ' inside ' + dirName : '');
+      }
+    } catch (e) {
+      if (contextText) {
+        var ctxTrimmed = contextText.trim();
+        if (ctxTrimmed.indexOf('{') === 0) {
+          try {
+            var parsedCtx = JSON.parse(ctxTrimmed);
+            var promptValCtx = parsedCtx.prompt;
+            var hookValCtx = parsedCtx.hook_event_name || parsedCtx.hookEventName;
+            if (promptValCtx) {
+              var dirName = parsedCtx.cwd ? parsedCtx.cwd.split('/').pop() : '';
+              return prefix + 'Prompt "' + promptValCtx + '"' + (dirName ? ' inside ' + dirName : '');
+            }
+            if (hookValCtx) {
+              var dirName = parsedCtx.cwd ? parsedCtx.cwd.split('/').pop() : '';
+              return prefix + 'Hook event ' + hookValCtx + (dirName ? ' inside ' + dirName : '');
+            }
+          } catch (err) {
+            // ignore
+          }
+        }
+      }
+    }
+    
+    var promptMatch = rest.match(/"prompt"\s*:\s*"([^"]+)"/) || (contextText && contextText.match(/"prompt"\s*:\s*"([^"]+)"/));
+    if (promptMatch) {
+      var cwdMatch = rest.match(/"cwd"\s*:\s*"([^"]+)"/) || (contextText && contextText.match(/"cwd"\s*:\s*"([^"]+)"/));
+      var dirName = cwdMatch ? cwdMatch[1].split('/').pop() : '';
+      return prefix + 'Prompt "' + promptMatch[1] + '"' + (dirName ? ' inside ' + dirName : '');
+    }
+    
+    var hookMatch = rest.match(/"hook_?event_?name"\s*:\s*"([^"]+)"/i) || (contextText && contextText.match(/"hook_?event_?name"\s*:\s*"([^"]+)"/i));
+    if (hookMatch) {
+      var cwdMatch = rest.match(/"cwd"\s*:\s*"([^"]+)"/) || (contextText && contextText.match(/"cwd"\s*:\s*"([^"]+)"/));
+      var dirName = cwdMatch ? cwdMatch[1].split('/').pop() : '';
+      return prefix + 'Hook event ' + hookMatch[1] + (dirName ? ' inside ' + dirName : '');
+    }
+  }
+  return titleText;
+}
+
+function cleanLiveContext(contextText) {
+  if (!contextText) return '';
+  var trimmed = contextText.trim();
+  if (trimmed.indexOf('{') === 0 && trimmed.indexOf('}') === trimmed.length - 1) {
+    try {
+      var parsed = JSON.parse(trimmed);
+      if (parsed.prompt) {
+        var dirName = parsed.cwd ? parsed.cwd.split('/').pop() : '';
+        var parts = [];
+        parts.push('Prompt: "' + parsed.prompt + '"');
+        if (parsed.cwd) parts.push('Working dir: ' + parsed.cwd);
+        if (parsed.hook_event_name) parts.push('Hook event: ' + parsed.hook_event_name);
+        return parts.join(' · ');
+      }
+    } catch (e) {
+      // ignore
+    }
+  }
+  return contextText;
+}
+
 function mapLiveRules(payload) {
   return (payload.results || []).map(function(result) {
     var linkedGate = (((result.systemResponse || {}).linkedAutoGates) || [])[0] || null;
     var sourceFeedback = ((result.systemResponse || {}).sourceFeedback) || null;
+    var rawTitle = result.title || ((result.lesson || {}).summary) || 'Lesson';
+    var rawContext = ((result.lesson || {}).howToAvoid) || ((result.lesson || {}).summary) || (sourceFeedback && sourceFeedback.context) || '';
     return {
       id: result.id,
-      title: result.title || ((result.lesson || {}).summary) || 'Lesson',
-      context: ((result.lesson || {}).howToAvoid) || ((result.lesson || {}).summary) || (sourceFeedback && sourceFeedback.context) || '',
+      title: cleanLiveTitle(rawTitle, rawContext),
+      context: cleanLiveContext(rawContext),
       occurrences: linkedGate && linkedGate.occurrences ? linkedGate.occurrences : 1,
       severity: deriveSeverity(result),
       tags: Array.isArray(result.tags) ? result.tags : [],
@@ -812,13 +929,14 @@ function mapTimelineItems(payload, lessonMap) {
   return (payload.results || []).map(function(entry) {
     var linkedLesson = lessonMap.get(entry.id) || null;
     var timestamp = entry.timestamp || null;
+    var rawContext = entry.context || entry.title || '';
     return {
       signal: normalizeSignal(entry.signal || entry.feedback),
-      context: entry.context || entry.title || '',
+      context: cleanLiveContext(rawContext),
       date: formatDate(entry.timestamp),
       timestamp: timestamp,
       dayKey: toDayKey(timestamp),
-      learned: linkedLesson ? linkedLesson.title : '',
+      learned: linkedLesson ? cleanLiveTitle(linkedLesson.title, rawContext) : '',
       feedbackId: entry.id || ''
     };
   });
@@ -926,8 +1044,13 @@ async function loadLive() {
     renderTimeline(allTimeline);
     renderInsights(dashboardSnapshot);
     renderImprovementMetrics(stats, dashboardSnapshot);
+    var isEnterprise = API_KEY.startsWith('tg_op_') || API_KEY.startsWith('tg_creator_');
+    if (stats.tier) {
+      isEnterprise = (stats.tier === 'Enterprise');
+    }
+    const tierName = isEnterprise ? 'Enterprise' : 'Pro';
     document.getElementById('proBadge').style.display = 'none';
-    setMode('Local Pro connected — this lessons view is reading your live rules, feedback timeline, and insights.', false);
+    setMode('Local ' + tierName + ' connected — this lessons view is reading your live rules, feedback timeline, and insights.', false);
   } catch (_err) {
     loadDemo();
   }

package/public/numbers.html

@@ -25,7 +25,7 @@
   "alternateName": "thumbgate",
   "applicationCategory": "DeveloperApplication",
   "operatingSystem": "Cross-platform, Node.js >=18.18.0",
-  "softwareVersion": "1.26.8",
+  "softwareVersion": "1.27.2",
   "url": "https://thumbgate.ai/numbers",
   "dateModified": "2026-05-07",
   "creator": {
@@ -202,7 +202,7 @@
 <main class="container">
   <h1>The Numbers</h1>
   <p class="subtitle">Generated first-party operational snapshot from the ThumbGate runtime. This is not customer traction, install volume, revenue, or proof that a configured gate has fired.</p>
-  <div class="freshness">Updated: 2026-05-07 · Version 1.26.8</div>
+  <div class="freshness">Updated: 2026-05-07 · Version 1.27.2</div>
   <div class="truth-note"><strong>Read this first:</strong> configured checks are inventory. Recorded blocks and warnings are usage evidence. This snapshot currently reports 0 recorded hard-block event(s) and 0 recorded warning event(s).</div>
 
   <h2>Gate enforcement</h2>

package/public/pricing.html

@@ -251,8 +251,7 @@ __GA_BOOTSTRAP__
       <div class="tier">Pro</div>
       <div class="price">$19<span>/mo</span></div>
       <div class="price-sub">
-        The free CLI runs your gates locally and never expires.
-        Pro is what we operate for you: hosted lesson sync across all your machines, adapter matrix kept current as agent runtimes ship breaking changes, and a dashboard you never have to self-host.
+        <strong>Don't buy a tool — buy hosted sync + compatibility insurance.</strong> The free CLI runs your gates locally, but Pro is what we operate for you: secure SQLite sync across all your machines (saving you from managing database migrations manually across developer boxes) and active adapter maintenance to stay compatible with weekly breaking updates in Claude Code, Cursor, and Cline.
       </div>
       <ul>
         <li><strong>Hosted lesson sync</strong> — corrections follow you across machines, no manual export</li>
@@ -275,6 +274,7 @@ __GA_BOOTSTRAP__
         <li>Everything in Pro for each seat</li>
         <li><strong>Shared lesson database</strong> — one engineer's fix protects every agent on the team</li>
         <li><strong>Org dashboard</strong> — visibility across all agent surfaces and developers</li>
+        <li><strong>Enterprise Data Chat</strong> — query local ThumbGate feedback, lessons, gates, and rollout readiness; Dialogflow CX / Vertex integration is enabled only when deployment evidence is configured</li>
         <li>Check template library for deploys, publish, and DB operations</li>
         <li>Email support during pilot rollout</li>
         <li>3-seat minimum after scope; rollout starts only after workflow and proof review are explicit</li>
@@ -285,6 +285,20 @@ __GA_BOOTSTRAP__
 
   </div>
 
+  <div class="enterprise-band" style="max-width:920px;margin:0 auto 8px;padding:24px 28px;border:1px solid rgba(34,211,238,0.24);border-radius:10px;background:#090d12;display:flex;flex-wrap:wrap;align-items:center;justify-content:space-between;gap:16px;">
+    <div style="flex:1 1 460px;text-align:left;">
+      <div class="tier" style="color:var(--cyan);">Enterprise</div>
+      <div class="price-sub" style="margin:4px 0 10px;">For regulated teams that need agent checks routed through their own cloud — talk to us.</div>
+      <ul style="margin:0;padding-left:18px;font-size:13px;color:var(--text-muted);line-height:1.7;">
+        <li><strong>Vertex AI / VPC gating</strong> — route agent checks through Gemini models in your Google Cloud project (<code>npx thumbgate setup-vertex</code>)</li>
+        <li><strong>Regulatory gate templates</strong> — legal intake, financial compliance, healthcare</li>
+        <li>Custom policy layers scoped to firm / practice area</li>
+        <li>Compliance audit export + dedicated onboarding with SLA</li>
+      </ul>
+    </div>
+    <a class="btn-team" style="white-space:nowrap;" href="/?utm_source=pricing&utm_medium=enterprise_band&utm_campaign=enterprise_intake&cta_id=pricing_enterprise&cta_placement=pricing&plan_id=enterprise#workflow-sprint-intake" onclick="try{posthog.capture('pricing_cta_click',{cta:'enterprise_intake',tier:'enterprise',placement:'pricing_page',price:0})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'enterprise_intake',tier:'enterprise'}})}catch(_){}">Talk to us</a>
+  </div>
+
   <div style="text-align:center;margin:32px 0;color:var(--text-muted);font-size:14px;">
     Need founder help? Do not buy a blind diagnostic from a pricing table.
     <a href="/?utm_source=pricing&utm_medium=scope_first&utm_campaign=team_intake&cta_id=pricing_scope_first&cta_placement=pricing_note&plan_id=team#workflow-sprint-intake" style="color:var(--cyan);text-decoration:none;font-weight:600;" onclick="try{posthog.capture('pricing_cta_click',{cta:'scope_first',tier:'team',price:0})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'scope_first',tier:'team'}})}catch(_){}">Send the workflow first</a> — then we scope the smallest paid rollout that can prove one repeated failure is blocked.
@@ -299,6 +313,10 @@ __GA_BOOTSTRAP__
         <div class="faq-q">What does Pro add over the free CLI?</div>
         <div class="faq-a">Free gives you 5 captures/day and 3 active rules, running entirely on your machine. Pro is the hosted layer: unlimited captures, unlimited rules, lesson sync across machines, a dashboard without self-hosting, managed adapter updates, and DPO export. You're paying for infrastructure we run, not features we hide.</div>
       </div>
+      <div class="faq-item">
+        <div class="faq-q">Why not just use an enterprise AI control plane?</div>
+        <div class="faq-a">Enterprise control planes govern agents from a server-side gateway, sold to platform teams on a Fortune-500 timeline. ThumbGate runs local-first, in the PreToolUse hook on your machine, and ships enforcement for the coding agents developers actually use today — Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode — with an <code>npm install</code> and minutes to value, not a procurement cycle.</div>
+      </div>
       <div class="faq-item">
         <div class="faq-q">Does ThumbGate send my code to the cloud?</div>
         <div class="faq-a">No. The CLI is local-first and no source code leaves your machine. Pro and Team add hosted sync for dashboards and shared lessons, but your code stays local.</div>