thumbgate 1.27.11 → 1.27.13

package/public/guides/pre-action-checks.html

@@ -1,342 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="UTF-8" />
-  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-  <title>Pre-Action Checks for AI Coding Agents | ThumbGate Guide</title>
-  <meta name="description" content="Pre-action gates stop the risky move before the agent executes it. ThumbGate uses thumbs-up/down feedback to decide what should be reinforced, warned, or blo..." />
-  <meta property="og:title" content="Pre-Action Checks for AI Coding Agents | ThumbGate Guide" />
-  <meta property="og:description" content="Pre-action gates stop the risky move before the agent executes it. ThumbGate uses thumbs-up/down feedback to decide what should be reinforced, warned, or blo..." />
-  <meta property="og:type" content="article" />
-  <meta property="og:url" content="https://thumbgate.ai/guides/pre-action-checks" />
-  <link rel="canonical" href="https://thumbgate.ai/guides/pre-action-checks" />
-  <link rel="llm-context" href="/llm-context.md" type="text/markdown" />
-  <link rel="icon" type="image/svg+xml" href="/thumbgate-icon.png" />
-  <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg" />
-  <meta property="og:image" content="/og.png" />
-  <style>
-    :root {
-      --bg: #0a0a0b;
-      --bg-raised: #111113;
-      --bg-card: #161618;
-      --line: #222225;
-      --text: #e8e8ec;
-      --muted: #8b8b96;
-      --cyan: #22d3ee;
-      --green: #4ade80;
-      --red: #f87171;
-    }
-    * { box-sizing: border-box; }
-    body {
-      margin: 0;
-      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
-      background: var(--bg);
-      color: var(--text);
-      line-height: 1.65;
-    }
-    a { color: var(--cyan); text-decoration: none; }
-    a:hover { text-decoration: underline; }
-    .container { max-width: 980px; margin: 0 auto; padding: 0 24px; }
-    .topbar {
-      position: sticky;
-      top: 0;
-      z-index: 20;
-      backdrop-filter: blur(12px);
-      background: rgba(10, 10, 11, 0.88);
-      border-bottom: 1px solid var(--line);
-    }
-    .topbar .container {
-      display: flex;
-      justify-content: space-between;
-      align-items: center;
-      padding-top: 14px;
-      padding-bottom: 14px;
-    }
-    .brand {
-      font-weight: 700;
-      color: var(--text);
-      display: inline-flex;
-      align-items: center;
-      gap: 8px;
-      text-decoration: none;
-    }
-    .brand .logo-mark { width: 28px; height: 28px; display: block; }
-    .hero { padding: 72px 0 32px; }
-    .eyebrow {
-      display: inline-flex;
-      align-items: center;
-      gap: 8px;
-      padding: 6px 12px;
-      border-radius: 999px;
-      border: 1px solid rgba(34, 211, 238, 0.22);
-      background: rgba(34, 211, 238, 0.1);
-      color: var(--cyan);
-      text-transform: uppercase;
-      letter-spacing: 0.08em;
-      font-size: 12px;
-      font-weight: 700;
-    }
-    h1 {
-      font-size: clamp(34px, 5vw, 56px);
-      line-height: 1.06;
-      letter-spacing: -0.04em;
-      margin: 16px 0;
-      max-width: 760px;
-    }
-    .hero p {
-      max-width: 720px;
-      color: var(--muted);
-      font-size: 18px;
-    }
-    .signal-row {
-      display: flex;
-      flex-wrap: wrap;
-      gap: 12px;
-      margin: 28px 0 0;
-    }
-    .signal-pill {
-      display: inline-flex;
-      align-items: center;
-      gap: 8px;
-      padding: 10px 14px;
-      border-radius: 999px;
-      border: 1px solid var(--line);
-      background: var(--bg-raised);
-      font-weight: 600;
-      font-size: 14px;
-    }
-    .signal-pill.up {
-      border-color: rgba(74, 222, 128, 0.28);
-      color: #b8f7c8;
-      background: rgba(74, 222, 128, 0.1);
-    }
-    .signal-pill.down {
-      border-color: rgba(248, 113, 113, 0.28);
-      color: #ffc0c0;
-      background: rgba(248, 113, 113, 0.1);
-    }
-    .grid {
-      display: grid;
-      grid-template-columns: minmax(0, 2fr) minmax(280px, 1fr);
-      gap: 24px;
-      padding-bottom: 72px;
-    }
-    .card, .detail-section, .sidebar-card {
-      background: var(--bg-card);
-      border: 1px solid var(--line);
-      border-radius: 16px;
-    }
-    .card { padding: 24px; }
-    .detail-section { padding: 24px; margin-bottom: 18px; }
-    .detail-section h2 { margin: 0 0 12px; font-size: 24px; letter-spacing: -0.03em; }
-    .detail-section p { color: var(--muted); }
-    .detail-section ul, .card ul { padding-left: 18px; color: var(--muted); }
-    .card h2 { margin-top: 0; }
-    .sidebar {
-      display: flex;
-      flex-direction: column;
-      gap: 18px;
-    }
-    .sidebar-card {
-      padding: 20px;
-    }
-    /* Only the first sidebar card sticks. Stacking multiple stickies at the
-       same top offset makes them overlap each other on scroll. The related-
-       pages card flows normally below. */
-    .sidebar-card:first-child {
-      position: sticky;
-      top: 84px;
-      max-height: calc(100vh - 104px);
-      overflow-y: auto;
-      -webkit-overflow-scrolling: touch;
-    }
-    .proof-links {
-      display: flex;
-      flex-wrap: wrap;
-      gap: 12px;
-      margin-top: 16px;
-    }
-    .cta-button {
-      display: inline-flex;
-      align-items: center;
-      justify-content: center;
-      margin-top: 18px;
-      padding: 12px 16px;
-      border-radius: 10px;
-      background: var(--cyan);
-      color: #071116;
-      font-weight: 700;
-      text-decoration: none;
-    }
-    .faq-item {
-      border-top: 1px solid var(--line);
-      padding: 14px 0;
-    }
-    .faq-item summary {
-      cursor: pointer;
-      font-weight: 600;
-    }
-    .faq-item p {
-      color: var(--muted);
-    }
-    .related-card {
-      display: block;
-      padding: 14px;
-      border-radius: 12px;
-      border: 1px solid var(--line);
-      background: var(--bg-raised);
-      margin-top: 12px;
-      color: var(--text);
-    }
-    .related-label {
-      display: block;
-      color: var(--muted);
-      font-size: 12px;
-      text-transform: uppercase;
-      letter-spacing: 0.08em;
-      margin-bottom: 4px;
-    }
-    @media (max-width: 860px) {
-      .grid {
-        grid-template-columns: 1fr;
-      }
-      .sidebar-card:first-child {
-        position: static;
-        max-height: none;
-        overflow: visible;
-      }
-    }
-  </style>
-  <script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "What Are Pre-Action Checks?",
-  "description": "Pre-action gates stop the risky move before the agent executes it. ThumbGate uses thumbs-up/down feedback to decide what should be reinforced, warned, or blo...",
-  "about": [
-    "claude code masterclass guardrails",
-    "cursor prevent repeated mistakes",
-    "claude code prevent repeated mistakes",
-    "codex cli guardrails"
-  ],
-  "url": "https://thumbgate.ai/guides/pre-action-checks",
-  "publisher": {
-    "@type": "Organization",
-    "name": "ThumbGate",
-    "url": "https://thumbgate.ai"
-  },
-  "mainEntityOfPage": "https://thumbgate.ai/guides/pre-action-checks"
-}
-  </script>
-  <script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "FAQPage",
-  "mainEntity": [
-    {
-      "@type": "Question",
-      "name": "How are pre-action checks different from prompt rules?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "Prompt rules ask the model nicely. Pre-action gates intercept the tool call and block it before execution when the known-bad pattern matches."
-      }
-    },
-    {
-      "@type": "Question",
-      "name": "Can a thumbs up matter too?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "Yes. ThumbGate explicitly uses thumbs up to reinforce successful behavior so the system is not only punitive."
-      }
-    }
-  ]
-}
-  </script>
-</head>
-<body>
-  <div class="topbar">
-    <div class="container">
-      <a class="brand" href="/"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
-      <a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/VERIFICATION_EVIDENCE.md" target="_blank" rel="noopener">Verification evidence</a>
-    </div>
-  </div>
-
-  <main class="container">
-    <section class="hero">
-      <div class="eyebrow">guide | pre-action checks for ai coding agents</div>
-      <h1>What Are Pre-Action Checks?</h1>
-      <p>Pre-action gates stop the risky move before the agent executes it. ThumbGate uses thumbs-up/down feedback to decide what should be reinforced, warned, or blocked.</p>
-      <div class="signal-row">
-        <div class="signal-pill up">👍 Thumbs up reinforces good behavior</div>
-        <div class="signal-pill down">👎 Thumbs down blocks repeated mistakes</div>
-      </div>
-    </section>
-
-    <section class="grid">
-      <div>
-        <div class="card">
-          <h2>Why this page exists</h2>
-          <ul><li>Prompt rules are advisory. Pre-action gates are enforcement.</li><li>A repeated thumbs down can become a warning gate or a hard block.</li><li>The right proof asset is not the rule text alone but the evidence that the gate fired before damage.</li></ul>
-        </div>
-
-      <section class="detail-section">
-        <h2>Why this matters</h2>
-        <p>Most AI coding failures are not mysterious. They are repeated mistakes: force-pushes, destructive scripts, missed verification steps, or breaking architectural constraints.</p><p>A pre-action check turns that failure pattern into a runtime checkpoint. The agent sees the stop before the bad action lands.</p>
-
-      </section>
-      <section class="detail-section">
-        <h2>How ThumbGate makes the loop useful</h2>
-
-        <ul><li>Capture structured thumbs-up/down feedback.</li><li>Promote repeated failures into prevention rules.</li><li>Score and enforce the rules with Thompson Sampling and pre-action hooks.</li><li>Publish verification evidence so the system is auditable.</li></ul>
-      </section>
-      <section class="detail-section">
-        <h2>Best next step</h2>
-        <p>If a buyer is exploring the category, this page should move them to either a comparison page or the main product proof pack.</p>
-
-      </section>
-        <div class="detail-section">
-          <h2>FAQ</h2>
-
-      <details class="faq-item">
-        <summary>How are pre-action checks different from prompt rules?</summary>
-        <p>Prompt rules ask the model nicely. Pre-action gates intercept the tool call and block it before execution when the known-bad pattern matches.</p>
-      </details>
-      <details class="faq-item">
-        <summary>Can a thumbs up matter too?</summary>
-        <p>Yes. ThumbGate explicitly uses thumbs up to reinforce successful behavior so the system is not only punitive.</p>
-      </details>
-        </div>
-      </div>
-
-      <aside class="sidebar">
-
-
-
-
-        <div class="sidebar-card">
-          <h2>GSD execution brief</h2>
-          <p>This page was prioritized because it captures high-intent demand around pre-action checks for ai coding agents and feeds directly into ThumbGate's proof-led conversion path.</p>
-          <p><strong>Opportunity score:</strong> 83</p>
-          <p><strong>Primary persona:</strong> engineering-lead</p>
-          <p><strong>Keyword cluster:</strong> claude code masterclass guardrails, cursor prevent repeated mistakes, claude code prevent repeated mistakes, codex cli guardrails</p>
-          <p><strong>Pricing:</strong> Pro $19/mo or $149/yr. Team $49/seat/mo.</p>
-          <div class="proof-links"><a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/VERIFICATION_EVIDENCE.md" target="_blank" rel="noopener">Verification evidence</a><a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/proof/automation/report.json" target="_blank" rel="noopener">Automation proof</a><a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub repository</a></div>
-          <a class="cta-button" href="/checkout/pro?utm_source=website&amp;utm_medium=seo_page&amp;utm_campaign=guides_pre-action-checks&amp;cta_placement=seo_brief&amp;plan_id=pro" target="_blank" rel="noopener">Go Pro — $19/mo</a>
-        </div>
-        <div class="sidebar-card">
-          <h2>Related pages</h2>
-
-        <a class="related-card" href="/compare/speclock">
-          <span class="related-label">Related page</span>
-          <strong>ThumbGate vs SpecLock</strong>
-        </a>
-        <a class="related-card" href="/guides/claude-code-feedback">
-          <span class="related-label">Related page</span>
-          <strong>Claude Code Feedback Memory That Actually Enforces</strong>
-        </a>
-        </div>
-      </aside>
-    </section>
-  </main>
-</body>
-</html>

package/public/guides/pretooluse-hooks-vs-advisory-prompt-rules.html

@@ -1,342 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="UTF-8" />
-  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-  <title>PreToolUse Hooks vs Advisory Prompt Rules: Secure AI Coding Agents | ThumbGate</title>
-  <meta name="description" content="Prompt files like .cursorrules or CLAUDE.md are advisory guidelines that agents can ignore or bypass. Learn why PreToolUse hooks provide deterministic security." />
-  <meta property="og:title" content="PreToolUse Hooks vs Advisory Prompt Rules: Secure AI Coding Agents | ThumbGate" />
-  <meta property="og:description" content="Prompt files like .cursorrules or CLAUDE.md are advisory guidelines that agents can ignore or bypass. Learn why PreToolUse hooks provide deterministic security." />
-  <meta property="og:type" content="article" />
-  <meta property="og:url" content="https://thumbgate.ai/guides/pretooluse-hooks-vs-advisory-prompt-rules" />
-  <link rel="canonical" href="https://thumbgate.ai/guides/pretooluse-hooks-vs-advisory-prompt-rules" />
-  <link rel="llm-context" href="/llm-context.md" type="text/markdown" />
-  <link rel="icon" type="image/svg+xml" href="/thumbgate-icon.png" />
-  <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg" />
-  <meta property="og:image" content="/og.png" />
-  <style>
-    :root {
-      --bg: #0a0a0b;
-      --bg-raised: #111113;
-      --bg-card: #161618;
-      --line: #222225;
-      --text: #e8e8ec;
-      --muted: #8b8b96;
-      --cyan: #22d3ee;
-      --green: #4ade80;
-      --red: #f87171;
-    }
-    * { box-sizing: border-box; }
-    body {
-      margin: 0;
-      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
-      background: var(--bg);
-      color: var(--text);
-      line-height: 1.65;
-    }
-    a { color: var(--cyan); text-decoration: none; }
-    a:hover { text-decoration: underline; }
-    .container { max-width: 980px; margin: 0 auto; padding: 0 24px; }
-    .topbar {
-      position: sticky;
-      top: 0;
-      z-index: 20;
-      backdrop-filter: blur(12px);
-      background: rgba(10, 10, 11, 0.88);
-      border-bottom: 1px solid var(--line);
-    }
-    .topbar .container {
-      display: flex;
-      justify-content: space-between;
-      align-items: center;
-      padding-top: 14px;
-      padding-bottom: 14px;
-    }
-    .brand {
-      font-weight: 700;
-      color: var(--text);
-      display: inline-flex;
-      align-items: center;
-      gap: 8px;
-      text-decoration: none;
-    }
-    .brand .logo-mark { width: 28px; height: 28px; display: block; }
-    .hero { padding: 72px 0 32px; }
-    .eyebrow {
-      display: inline-flex;
-      align-items: center;
-      gap: 8px;
-      padding: 6px 12px;
-      border-radius: 999px;
-      border: 1px solid rgba(34, 211, 238, 0.22);
-      background: rgba(34, 211, 238, 0.1);
-      color: var(--cyan);
-      text-transform: uppercase;
-      letter-spacing: 0.08em;
-      font-size: 12px;
-      font-weight: 700;
-    }
-    h1 {
-      font-size: clamp(34px, 5vw, 56px);
-      line-height: 1.06;
-      letter-spacing: -0.04em;
-      margin: 16px 0;
-      max-width: 760px;
-    }
-    .hero p {
-      max-width: 720px;
-      color: var(--muted);
-      font-size: 18px;
-    }
-    .signal-row {
-      display: flex;
-      flex-wrap: wrap;
-      gap: 12px;
-      margin: 28px 0 0;
-    }
-    .signal-pill {
-      display: inline-flex;
-      align-items: center;
-      gap: 8px;
-      padding: 10px 14px;
-      border-radius: 999px;
-      border: 1px solid var(--line);
-      background: var(--bg-raised);
-      font-weight: 600;
-      font-size: 14px;
-    }
-    .signal-pill.up {
-      border-color: rgba(74, 222, 128, 0.28);
-      color: #b8f7c8;
-      background: rgba(74, 222, 128, 0.1);
-    }
-    .signal-pill.down {
-      border-color: rgba(248, 113, 113, 0.28);
-      color: #ffc0c0;
-      background: rgba(248, 113, 113, 0.1);
-    }
-    .grid {
-      display: grid;
-      grid-template-columns: minmax(0, 2fr) minmax(280px, 1fr);
-      gap: 24px;
-      padding-bottom: 72px;
-    }
-    .card, .detail-section, .sidebar-card {
-      background: var(--bg-card);
-      border: 1px solid var(--line);
-      border-radius: 16px;
-    }
-    .card { padding: 24px; }
-    .detail-section { padding: 24px; margin-bottom: 18px; }
-    .detail-section h2 { margin: 0 0 12px; font-size: 24px; letter-spacing: -0.03em; }
-    .detail-section p { color: var(--muted); }
-    .detail-section ul, .card ul { padding-left: 18px; color: var(--muted); }
-    .card h2 { margin-top: 0; }
-    .sidebar {
-      display: flex;
-      flex-direction: column;
-      gap: 18px;
-    }
-    .sidebar-card {
-      padding: 20px;
-    }
-    .sidebar-card:first-child {
-      position: sticky;
-      top: 84px;
-      max-height: calc(100vh - 104px);
-      overflow-y: auto;
-      -webkit-overflow-scrolling: touch;
-    }
-    .proof-links {
-      display: flex;
-      flex-wrap: wrap;
-      gap: 12px;
-      margin-top: 16px;
-    }
-    .cta-button {
-      display: inline-flex;
-      align-items: center;
-      justify-content: center;
-      margin-top: 18px;
-      padding: 12px 16px;
-      border-radius: 10px;
-      background: var(--cyan);
-      color: #071116;
-      font-weight: 700;
-      text-decoration: none;
-    }
-    .faq-item {
-      border-top: 1px solid var(--line);
-      padding: 14px 0;
-    }
-    .faq-item summary {
-      cursor: pointer;
-      font-weight: 600;
-    }
-    .faq-item p {
-      color: var(--muted);
-    }
-    .related-card {
-      display: block;
-      padding: 14px;
-      border-radius: 12px;
-      border: 1px solid var(--line);
-      background: var(--bg-raised);
-      margin-top: 12px;
-      color: var(--text);
-    }
-    .related-label {
-      display: block;
-      color: var(--muted);
-      font-size: 12px;
-      text-transform: uppercase;
-      letter-spacing: 0.08em;
-      margin-bottom: 4px;
-    }
-    @media (max-width: 860px) {
-      .grid {
-        grid-template-columns: 1fr;
-      }
-      .sidebar-card:first-child {
-        position: static;
-        max-height: none;
-        overflow: visible;
-      }
-    }
-  </style>
-  <script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "PreToolUse Hooks vs Advisory Prompt Rules: Secure AI Coding Agents",
-  "description": "Prompt files like .cursorrules or CLAUDE.md are advisory guidelines that agents can ignore or bypass. Learn why PreToolUse hooks provide deterministic security.",
-  "about": [
-    "pretooluse hooks vs advisory prompt rules",
-    "claude code security",
-    "cursor rules bypass",
-    "mcp security"
-  ],
-  "url": "https://thumbgate.ai/guides/pretooluse-hooks-vs-advisory-prompt-rules",
-  "publisher": {
-    "@type": "Organization",
-    "name": "ThumbGate",
-    "url": "https://thumbgate.ai"
-  },
-  "mainEntityOfPage": "https://thumbgate.ai/guides/pretooluse-hooks-vs-advisory-prompt-rules"
-}
-  </script>
-  <script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "FAQPage",
-  "mainEntity": [
-    {
-      "@type": "Question",
-      "name": "Why are CLAUDE.md and .cursorrules files insufficient for security?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "They are advisory prompt-level files. The agent can ignore them, overwrite them, suffer from context drift, or be jailbroken into bypassing them since they are not enforced at the runtime level."
-      }
-    },
-    {
-      "@type": "Question",
-      "name": "How does a PreToolUse hook protect the codebase?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "PreToolUse hooks intercept tool calls at the protocol layer before they are executed. If a command matches a blocked pattern, the hook denies execution, making safety deterministic rather than probabilistic."
-      }
-    }
-  ]
-}
-  </script>
-</head>
-<body>
-  <div class="topbar">
-    <div class="container">
-      <a class="brand" href="/"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
-      <a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/VERIFICATION_EVIDENCE.md" target="_blank" rel="noopener">Verification evidence</a>
-    </div>
-  </div>
-
-  <main class="container">
-    <section class="hero">
-      <div class="eyebrow">guide | pretooluse hooks vs advisory prompt rules</div>
-      <h1>PreToolUse Hooks vs Advisory Prompt Rules</h1>
-      <p>Why files like .cursorrules and CLAUDE.md cannot protect your codebase from high-risk agent operations, and how protocol-level PreToolUse hooks enforce deterministic safety.</p>
-      <div class="signal-row">
-        <div class="signal-pill up">👍 PreToolUse: Deterministic Protocol Blocking</div>
-        <div class="signal-pill down">👎 Prompt Rules: Easily Ignored or Jailbroken</div>
-      </div>
-    </section>
-
-    <section class="grid">
-      <div>
-        <div class="card">
-          <h2>Why this page exists</h2>
-          <ul>
-            <li>Advisory files like CLAUDE.md are hints that the model can choose to ignore under pressure.</li>
-            <li>Real security requires blocking unsafe operations before they hit the terminal or file system.</li>
-            <li>PreToolUse hooks provide protocol-level enforcement that cannot be bypassed by agent reasoning.</li>
-          </ul>
-        </div>
-
-        <section class="detail-section">
-          <h2>The Vulnerability of Prompt-Level Rules</h2>
-          <p>Files like <code>.cursorrules</code>, <code>CLAUDE.md</code>, or custom prompt instructions are simply part of the model's context window. They instruct the model on how it <em>should</em> behave. However, this model suffers from structural weaknesses:</p>
-          <ul>
-            <li><strong>Context Drift:</strong> As conversations grow, early prompt instructions are deprioritized or pushed out of attention.</li>
-            <li><strong>Jailbreaking:</strong> The user prompt or an external file read can override instructions, forcing the agent to bypass its own rules.</li>
-            <li><strong>Self-Modification:</strong> Agents with file-writing privileges can edit or delete <code>.cursorrules</code> files to bypass constraints.</li>
-          </ul>
-        </section>
-
-        <section class="detail-section">
-          <h2>Deterministic PreToolUse Hook Enforcement</h2>
-          <p>A <code>PreToolUse</code> hook intercepts execution at the Model Context Protocol (MCP) or platform layer. When the agent attempts to run a bash command, modify a file, or query a database, the call is evaluated by a local policy engine before execution.</p>
-          <p>If the action matches a known-bad pattern or violates a policy, the hook blocks it and returns a structured error response. The agent is physically stopped, preserving the system state and preventing the error before it can happen.</p>
-        </section>
-
-        <div class="detail-section">
-          <h2>FAQ</h2>
-          <details class="faq-item">
-            <summary>Why are CLAUDE.md and .cursorrules files insufficient for security?</summary>
-            <p>They are advisory prompt-level files. The agent can ignore them, overwrite them, suffer from context drift, or be jailbroken into bypassing them since they are not enforced at the runtime level.</p>
-          </details>
-          <details class="faq-item">
-            <summary>How does a PreToolUse hook protect the codebase?</summary>
-            <p>PreToolUse hooks intercept tool calls at the protocol layer before they are executed. If a command matches a blocked pattern, the hook denies execution, making safety deterministic rather than probabilistic.</p>
-          </details>
-        </div>
-      </div>
-
-      <aside class="sidebar">
-        <div class="sidebar-card">
-          <h2>GSD execution brief</h2>
-          <p>This guide explains the structural boundary between prompt-level guidelines and protocol-level pre-action gates to help teams move from advisory rules to hard enforcement.</p>
-          <p><strong>Opportunity score:</strong> 92</p>
-          <p><strong>Primary persona:</strong> security-engineer</p>
-          <p><strong>Keyword cluster:</strong> pretooluse hooks vs advisory prompt rules, claude code security, cursor rules bypass, mcp security</p>
-          <p><strong>Pricing:</strong> Pro $19/mo or $149/yr. Team $49/seat/mo.</p>
-          <div class="proof-links">
-            <a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/docs/VERIFICATION_EVIDENCE.md" target="_blank" rel="noopener">Verification evidence</a>
-            <a href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/proof/automation/report.json" target="_blank" rel="noopener">Automation proof</a>
-            <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub repository</a>
-          </div>
-          <a class="cta-button" href="/checkout/pro?utm_source=website&amp;utm_medium=seo_page&amp;utm_campaign=guides_pretooluse-hooks-vs-advisory-prompt-rules&amp;cta_placement=seo_brief&amp;plan_id=pro" target="_blank" rel="noopener">Go Pro — $19/mo</a>
-        </div>
-        <div class="sidebar-card">
-          <h2>Related pages</h2>
-          <a class="related-card" href="/guides/pre-action-checks">
-            <span class="related-label">Related page</span>
-            <strong>What Are Pre-Action Checks?</strong>
-          </a>
-          <a class="related-card" href="/guides/claude-code-feedback">
-            <span class="related-label">Related page</span>
-            <strong>Claude Code Feedback Memory That Enforces</strong>
-          </a>
-        </div>
-      </aside>
-    </section>
-  </main>
-</body>
-</html>