thumbgate 1.27.12 → 1.27.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +1 -1
- package/.well-known/llms.txt +2 -1
- package/.well-known/mcp/server-card.json +1 -1
- package/README.md +2 -4
- package/adapters/claude/.mcp.json +2 -2
- package/adapters/mcp/server-stdio.js +1 -1
- package/adapters/opencode/opencode.json +1 -1
- package/adapters/policy-engine/ethicore-guardian-client.js +68 -0
- package/adapters/policy-engine/thumbgate-policy-engine-adapter.js +260 -0
- package/bin/cli.js +78 -259
- package/config/gate-templates.json +0 -228
- package/config/gates/claim-verification.json +0 -18
- package/package.json +35 -25
- package/public/assets/brand/thumbgate-logo-transparent.svg +22 -0
- package/public/assets/brand/thumbgate-mark-inline-v3.svg +19 -0
- package/public/assets/brand/thumbgate-mark.svg +11 -5
- package/public/blog.html +0 -30
- package/public/brand/thumbgate-mark.svg +9 -5
- package/public/chatgpt-app.html +2 -2
- package/public/compare.html +2 -1
- package/public/dashboard.html +1 -1
- package/public/federal.html +1 -1
- package/public/index.html +95 -216
- package/public/learn.html +59 -35
- package/public/lessons.html +1 -1
- package/public/numbers.html +2 -2
- package/public/pro.html +7 -7
- package/scripts/aws-blocks-guardrails.js +228 -0
- package/scripts/cli-schema.js +22 -10
- package/scripts/dashboard-chat.js +2 -1
- package/scripts/document-intake.js +1 -49
- package/scripts/durability/step.js +3 -3
- package/scripts/gate-stats.js +5 -11
- package/scripts/gates-engine.js +0 -49
- package/scripts/gemini-embedding-policy.js +2 -1
- package/scripts/hook-stop-anti-claim.js +116 -184
- package/scripts/hosted-config.js +0 -12
- package/scripts/lesson-search.js +1 -15
- package/scripts/llm-client.js +187 -5
- package/scripts/plausible-domain-config.js +3 -1
- package/scripts/seo-gsd.js +240 -1
- package/scripts/tool-registry.js +2 -2
- package/scripts/vector-store.js +44 -0
- package/scripts/workspace-evolver.js +62 -2
- package/src/api/server.js +340 -131
- package/public/assets/brand/thumbgate-mark-inline.svg +0 -15
- package/public/compare/adopt-ai.html +0 -219
- package/public/compare/agentix-labs.html +0 -197
- package/public/compare/ai-experience-orchestration.html +0 -216
- package/public/compare/anthropic-claude-for-legal.html +0 -260
- package/public/compare/anthropic-containment.html +0 -280
- package/public/compare/arcade.html +0 -175
- package/public/compare/arcjet.html +0 -239
- package/public/compare/bumblebee.html +0 -307
- package/public/compare/claude-code-hooks.html +0 -294
- package/public/compare/databricks-unity-ai-gateway.html +0 -215
- package/public/compare/fallow.html +0 -351
- package/public/compare/heidi.html +0 -233
- package/public/compare/mem0.html +0 -342
- package/public/compare/oak-and-sparrow-gatekeeper.html +0 -289
- package/public/compare/rein.html +0 -236
- package/public/compare/sigmashake.html +0 -256
- package/public/compare/speclock.html +0 -342
- package/public/guides/agent-harness-optimization.html +0 -342
- package/public/guides/agentic-web-governance.html +0 -406
- package/public/guides/ai-agent-governance-sprint.html +0 -415
- package/public/guides/ai-agent-pre-action-approval-gates.html +0 -401
- package/public/guides/ai-agent-workflow-migration-checklist.html +0 -392
- package/public/guides/ai-deployment-readiness.html +0 -415
- package/public/guides/ai-mode-ads-agent-governance.html +0 -401
- package/public/guides/ai-search-topical-presence.html +0 -342
- package/public/guides/autoresearch-agent-safety.html +0 -342
- package/public/guides/background-agent-governance.html +0 -358
- package/public/guides/best-tools-stop-ai-agents-breaking-production.html +0 -363
- package/public/guides/browser-automation-safety.html +0 -342
- package/public/guides/chatgpt-ads-trust.html +0 -353
- package/public/guides/claude-code-feedback.html +0 -339
- package/public/guides/claude-code-prevent-repeated-mistakes.html +0 -161
- package/public/guides/claude-code-skills-guardrails.html +0 -343
- package/public/guides/claude-desktop.html +0 -356
- package/public/guides/code-knowledge-graph-guardrails.html +0 -365
- package/public/guides/codex-cli-guardrails.html +0 -339
- package/public/guides/cursor-agent-guardrails.html +0 -339
- package/public/guides/cursor-prevent-repeated-mistakes.html +0 -161
- package/public/guides/database-agent-safety.html +0 -406
- package/public/guides/deepseek-v4-runtime-guardrails.html +0 -346
- package/public/guides/developer-machine-supply-chain-guardrails.html +0 -358
- package/public/guides/gcp-mcp-guardrails.html +0 -147
- package/public/guides/gemini-cli-feedback-memory.html +0 -339
- package/public/guides/gpt-5-5-model-evaluation.html +0 -358
- package/public/guides/internal-ai-engineering-stack-guardrails.html +0 -348
- package/public/guides/long-running-agent-context-management.html +0 -346
- package/public/guides/mcp-tool-governance.html +0 -401
- package/public/guides/multica-thumbgate-setup.html +0 -134
- package/public/guides/native-messaging-host-security.html +0 -342
- package/public/guides/policy-engine-pre-action-gates.html +0 -346
- package/public/guides/pre-action-checks.html +0 -342
- package/public/guides/pretooluse-hooks-vs-advisory-prompt-rules.html +0 -342
- package/public/guides/prompt-tricks-to-workflow-rules.html +0 -365
- package/public/guides/proxy-pointer-rag-guardrails.html +0 -352
- package/public/guides/rag-precision-tuning-guardrails.html +0 -352
- package/public/guides/reasoning-compression-guardrails.html +0 -346
- package/public/guides/relational-knowledge-ai-recommendations.html +0 -342
- package/public/guides/roo-code-alternative-cline.html +0 -339
- package/public/guides/semantic-programmatic-seo-guardrails.html +0 -352
- package/public/guides/seo-agent-skills-guardrails.html +0 -344
- package/public/guides/stop-repeated-ai-agent-mistakes.html +0 -342
- package/public/learn/ac-dc-runtime-enforcement.html +0 -277
- package/public/learn/agent-harness-pattern.html +0 -181
- package/public/learn/agent-identity-connector-governance.html +0 -146
- package/public/learn/agent-swarms-shared-gates.html +0 -173
- package/public/learn/agentic-enterprise-context-brain.html +0 -117
- package/public/learn/agentic-os-team-governance.html +0 -146
- package/public/learn/ai-agent-governance.html +0 -158
- package/public/learn/ai-agent-persistent-memory.html +0 -211
- package/public/learn/anthropomorphic-claim-gates.html +0 -180
- package/public/learn/background-agent-control-layer.html +0 -184
- package/public/learn/claude-code-goal-with-rubrics.html +0 -205
- package/public/learn/codex-role-plugins-need-governance.html +0 -125
- package/public/learn/cost-aware-agent-gate-routing.html +0 -173
- package/public/learn/databricks-unity-ai-gateway-runtime-governance.html +0 -157
- package/public/learn/deterministic-agent-workflows.html +0 -185
- package/public/learn/feedback-loop-vs-decision-layer.html +0 -283
- package/public/learn/from-prototype-to-production.html +0 -223
- package/public/learn/learn.css +0 -51
- package/public/learn/mcp-pre-action-checks-explained.html +0 -172
- package/public/learn/pretix-stripe-connect-marketplaces.html +0 -161
- package/public/learn/regulated-agent-execution-boundary.html +0 -196
- package/public/learn/spec-driven-development.html +0 -168
- package/public/learn/stop-ai-agent-force-push.html +0 -134
- package/public/learn/vibe-coding-safety-net.html +0 -142
- package/scripts/reddit-browser-notification-watch.js +0 -230
|
@@ -36,24 +36,6 @@
|
|
|
36
36
|
"requiredActions": ["commercial_truth_verified"],
|
|
37
37
|
"message": "You claimed a commercial-data fact (money, tax, inventory, permissions, or customer-facing state) without external source-of-truth evidence. Read the authoritative system first, then call track_action('commercial_truth_verified').",
|
|
38
38
|
"createdAt": 1781640000000
|
|
39
|
-
},
|
|
40
|
-
{
|
|
41
|
-
"pattern": "\\b(?:ai|llm|model|agent|assistant|claude|codex|gpt|chatgpt|gemini|cursor)\\b.{0,80}\\b(?:understands?|knows?|wants?|intends?|decides?|believes?|feels?|thinks?|is\\s+(?:moral|ethical|sentient|conscious|empathetic|human-like)|has\\s+(?:morality|empathy|intent|intentions|understanding|beliefs?|feelings?|consciousness))\\b|\\b(?:human-like|anthropomorphic|anthropomorphi[sz]e[sd]?)\\b.{0,80}\\b(?:ai|llm|model|agent|assistant|claude|codex|gpt|chatgpt|gemini|cursor)\\b|\\b(?:ai|llm|model|agent|assistant|claude|codex|gpt|chatgpt|gemini|cursor)\\b.{0,80}\\b(?:human-like|anthropomorphic|anthropomorphi[sz]e[sd]?)\\b",
|
|
42
|
-
"requiredActions": ["anthropomorphic_claim_verified"],
|
|
43
|
-
"message": "You made a human-like or cognitive claim about an AI system without explicit measurement criteria. Define the tested attribute, interface/substrate, observer/evaluator, and evidence first, then call track_action('anthropomorphic_claim_verified').",
|
|
44
|
-
"createdAt": 1781913600000
|
|
45
|
-
},
|
|
46
|
-
{
|
|
47
|
-
"pattern": "\\b(?:agent|assistant|ai|mcp|connector|tool)\\b.{0,100}\\b(?:identity|owner|invoker|service account|credential|permission|access|scope|least privilege)\\b.{0,100}\\b(?:verified|inventoried|mapped|known|governed|scoped|ready|configured|complete)\\b|\\b(?:verified|inventoried|mapped|known|governed|scoped|ready|configured|complete)\\b.{0,100}\\b(?:agent|assistant|ai|mcp|connector|tool)\\b.{0,100}\\b(?:identity|owner|invoker|service account|credential|permission|access|scope|least privilege)\\b",
|
|
48
|
-
"requiredActions": ["agent_identity_inventory_verified"],
|
|
49
|
-
"message": "You claimed agent identity, ownership, credentials, permissions, or least-privilege scope is verified without an inventory receipt. Record owner, invoker, systems, credentials, read/write/delete/execute permissions, and purpose first, then call track_action('agent_identity_inventory_verified').",
|
|
50
|
-
"createdAt": 1781913600000
|
|
51
|
-
},
|
|
52
|
-
{
|
|
53
|
-
"pattern": "\\b(?:mcp|connector|connectors|tool pack|toolpack|tool-pack|merge agent handler|agent handler|glean|mcp gateway|remote mcp)\\b.{0,100}\\b(?:safe|secure|scoped|governed|authenticated|dlp|audit|observable|permissioned|ready|configured|production-ready)\\b|\\b(?:safe|secure|scoped|governed|authenticated|dlp|audit|observable|permissioned|ready|configured|production-ready)\\b.{0,100}\\b(?:mcp|connector|connectors|tool pack|toolpack|tool-pack|merge agent handler|agent handler|glean|mcp gateway|remote mcp)\\b",
|
|
54
|
-
"requiredActions": ["connector_scope_verified"],
|
|
55
|
-
"message": "You claimed a connector, Tool Pack, MCP gateway, or remote MCP surface is safely scoped without connector evidence. Verify authentication, allowed tools, DLP/logging behavior, downstream systems, and audit receipts first, then call track_action('connector_scope_verified').",
|
|
56
|
-
"createdAt": 1781913600000
|
|
57
39
|
}
|
|
58
40
|
]
|
|
59
41
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "thumbgate",
|
|
3
|
-
"version": "1.27.
|
|
3
|
+
"version": "1.27.13",
|
|
4
4
|
"description": "ThumbGate self-improving agent governance: thumbs-up/down turns every mistake into a prevention rule and blocks repeat patterns. 36 pre-action checks, budget enforcement, and self-protection for Claude Code, Cursor, Codex, Gemini CLI, and Amp.",
|
|
5
5
|
"homepage": "https://thumbgate.ai",
|
|
6
6
|
"repository": {
|
|
@@ -29,6 +29,7 @@
|
|
|
29
29
|
"scripts/agent-reasoning-traces.js",
|
|
30
30
|
"scripts/agent-reward-model.js",
|
|
31
31
|
"scripts/agent-stack-survival-audit.js",
|
|
32
|
+
"scripts/aws-blocks-guardrails.js",
|
|
32
33
|
"scripts/agentic-data-pipeline.js",
|
|
33
34
|
"scripts/ai-component-inventory.js",
|
|
34
35
|
"scripts/ai-engineering-stack-guardrails.js",
|
|
@@ -105,8 +106,8 @@
|
|
|
105
106
|
"scripts/growth-campaigns.js",
|
|
106
107
|
"scripts/harness-selector.js",
|
|
107
108
|
"scripts/hf-papers.js",
|
|
108
|
-
"scripts/hook-stop-anti-claim.js",
|
|
109
109
|
"scripts/hook-runtime.js",
|
|
110
|
+
"scripts/hook-stop-anti-claim.js",
|
|
110
111
|
"scripts/hook-thumbgate-cache-updater.js",
|
|
111
112
|
"scripts/hosted-config.js",
|
|
112
113
|
"scripts/hybrid-feedback-context.js",
|
|
@@ -171,7 +172,6 @@
|
|
|
171
172
|
"scripts/rag-precision-guardrails.js",
|
|
172
173
|
"scripts/rate-limiter.js",
|
|
173
174
|
"scripts/reasoning-efficiency-guardrails.js",
|
|
174
|
-
"scripts/reddit-browser-notification-watch.js",
|
|
175
175
|
"scripts/repeat-metric.js",
|
|
176
176
|
"scripts/reward-hacking-guardrails.js",
|
|
177
177
|
"scripts/risk-scorer.js",
|
|
@@ -245,6 +245,9 @@
|
|
|
245
245
|
"adapters/letta/README.md",
|
|
246
246
|
"adapters/letta/thumbgate-letta-adapter.js",
|
|
247
247
|
"adapters/gcp/dfcx-webhook-gate.js",
|
|
248
|
+
"adapters/policy-engine/README.md",
|
|
249
|
+
"adapters/policy-engine/ethicore-guardian-client.js",
|
|
250
|
+
"adapters/policy-engine/thumbgate-policy-engine-adapter.js",
|
|
248
251
|
"adapters/mcp/server-stdio.js",
|
|
249
252
|
"adapters/opencode/opencode.json",
|
|
250
253
|
"bench/programbench-smoke.json",
|
|
@@ -265,14 +268,11 @@
|
|
|
265
268
|
"public/chatgpt-app.html",
|
|
266
269
|
"public/codex-plugin.html",
|
|
267
270
|
"public/compare.html",
|
|
268
|
-
"public/compare/",
|
|
269
271
|
"public/dashboard.html",
|
|
270
272
|
"public/federal.html",
|
|
271
273
|
"public/guide.html",
|
|
272
|
-
"public/guides/",
|
|
273
274
|
"public/index.html",
|
|
274
275
|
"public/learn.html",
|
|
275
|
-
"public/learn/",
|
|
276
276
|
"public/lessons.html",
|
|
277
277
|
"public/numbers.html",
|
|
278
278
|
"public/pricing.html",
|
|
@@ -312,11 +312,14 @@
|
|
|
312
312
|
"stripe:live": "node scripts/stripe-live-status.js",
|
|
313
313
|
"stripe:webhook:audit": "node scripts/rotate-stripe-webhook-secret.js --audit",
|
|
314
314
|
"stripe:webhook:disable-legacy": "node scripts/rotate-stripe-webhook-secret.js --disable-legacy",
|
|
315
|
+
"zai:smoke": "node scripts/zai-smoke.js",
|
|
315
316
|
"gtm:revenue-loop": "node scripts/autonomous-sales-agent.js",
|
|
316
317
|
"gtm:aiventyx": "node scripts/aiventyx-marketplace-plan.js",
|
|
317
318
|
"gtm:chatgpt": "node scripts/chatgpt-gpt-revenue-pack.js",
|
|
318
319
|
"gtm:codex": "node scripts/codex-marketplace-revenue-pack.js",
|
|
319
320
|
"gtm:linkedin": "node scripts/linkedin-workflow-hardening-pack.js",
|
|
321
|
+
"gtm:okara-automation": "node scripts/okara-money-promo-automation.js",
|
|
322
|
+
"gtm:okara-automation:write": "node scripts/okara-money-promo-automation.js --write",
|
|
320
323
|
"gtm:roo-sunset": "node scripts/roo-sunset-demand-pack.js",
|
|
321
324
|
"gtm:reddit": "node scripts/reddit-dm-workflow-hardening-pack.js",
|
|
322
325
|
"medium:weekly:draft": "node scripts/medium-weekly.js --write",
|
|
@@ -367,8 +370,6 @@
|
|
|
367
370
|
"trace:eval": "node scripts/decision-trace.js eval",
|
|
368
371
|
"social:reply-monitor": "node scripts/social-reply-monitor.js",
|
|
369
372
|
"social:reply-monitor:dry": "node scripts/social-reply-monitor.js --dry-run",
|
|
370
|
-
"social:reply-monitor:reddit-browser": "node scripts/reddit-browser-notification-watch.js",
|
|
371
|
-
"social:reply-monitor:reddit-browser:dry": "node scripts/reddit-browser-notification-watch.js --dry-run",
|
|
372
373
|
"social:reply-monitor:install-reddit": "node scripts/reddit-monitor-launchd.js install",
|
|
373
374
|
"social:reply-monitor:bluesky": "node scripts/social-reply-monitor-bluesky.js",
|
|
374
375
|
"social:reply-monitor:bluesky:dry": "node scripts/social-reply-monitor-bluesky.js --dry-run",
|
|
@@ -377,9 +378,9 @@
|
|
|
377
378
|
"social:prospect:bluesky": "node scripts/social-bluesky-prospecting.js",
|
|
378
379
|
"social:prospect:bluesky:dry": "node scripts/social-bluesky-prospecting.js --dry-run",
|
|
379
380
|
"social:reply-publish:bluesky:dry": "node scripts/social-reply-monitor-bluesky.js --publish-approved --dry-run",
|
|
380
|
-
"test": "npm run test:
|
|
381
|
-
"test:brain": "node --test tests/brain.test.js",
|
|
381
|
+
"test": "npm run test:python && npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:session-analyzer && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:platform-limits && npm run test:post-video && npm run test:post-everywhere-instagram && npm run test:post-everywhere-channels && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:repeat-metric && npm run test:noop-detect && npm run test:action-receipts && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:memory-scope-readiness && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:operational-dashboard && npm run test:operator-artifacts && npm run test:operator-key-auth && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:mcp-tool-annotations && npm run test:mcp-oauth && npm run test:mcp-oauth-flow && npm run test:plan-gate && npm run test:ai-component-inventory && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:audit-pr-bot-contamination && npm run test:stripe-bootstrap-saas-catalog && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:statusline-cache-aggregate && npm run test:public-repo-hygiene && npm run test:no-internal-orchestration-leaks && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:cli-schema && npm run test:explore && npm run test:lesson-reranker && npm run test:lesson-retrieval && npm run test:lesson-semantic-retrieval && npm run test:cross-encoder && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:predictive-credible-range && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:lesson-canonical && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:perplexity && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:thumbgate-bench && npm run test:seo-guides && npm run test:enforcement-loop && npm run test:cli-agent-experience && npm run test:bot-detection && npm run test:checkout-archived-product-guard && npm run test:postgres-guard && npm run test:checkout-bot-guard && npm run test:checkout-pro-confirmation-gate && npm run test:pricing-page-telemetry && npm run test:session-health && npm run test:session-episodes && npm run test:spec-gate && npm run test:decision-trace && npm run test:dashboard-insights && npm run test:telemetry-tracked-link-slug && npm run test:prompt-eval && npm run test:gate-coherence && npm run test:gate-eval && npm run test:high-roi && npm run test:public-static-assets && npm run test:token-savings && npm run test:numbers-page && npm run test:workflow-gate-checkpoint && npm run test:lesson-export-import && npm run test:landing-page-claims && npm run test:competitive-positioning-marketing && npm run test:medium-weekly && npm run test:dashboard-deeplink-e2e && npm run test:public-package-parity && npm run test:token-savings-dashboard && npm run test:cursor-wiring && npm run test:pretooluse-injection && npm run test:recent-corrective-context && npm run test:durability-step && npm run test:mailer && npm run test:brand-assets && npm run test:enforcement-teeth && npm run test:bayes-optimal-gate && npm run test:swarm-coordinator && npm run test:session-report && npm run test:agent-reasoning-traces && npm run test:judge-reward && npm run test:llm-behavior-monitor && npm run test:prompting-os && npm run test:single-use-credential-gate && npm run test:structured-prompt-driven && npm run test:require-evidence-gate && npm run test:rule-validator && npm run test:bluesky-atproto && npm run test:social-reply-monitor-bluesky && npm run test:bluesky-delete-replies && npm run test:architect-kit-memory-bridge && npm run test:sonar-review-hotspots && npm run test:actionable-remediations && npm run test:gemini-embedding-policy && npm run test:agent-design-governance && npm run test:public-core-boundary && npm run test:hook-stop-verify-deploy && npm run test:hook-stop-anti-claim && npm run test:plausible-server-events && npm run test:activation-tracker && npm run test:activation-onboarding && npm run test:unified-revenue-rollup && npm run test:conversion-rate-stats && npm run test:external-customer-audit && npm run test:telemetry-export && npm run test:stripe-checkout-diagnostic && npm run test:stripe-business-identity-probe && npm run test:revenue-observability-doctor && npm run test:public-bundle-ratchet && npm run test:stripe-payment-link-update && npm run test:ci-cd-hygiene-audit && npm run test:verify-marketing-pages-deployed && npm run test:install-email-capture && npm run test:install-shim && npm run test:hook-runtime-subcommands && npm run test:implementation-notes && npm run test:daily-block-cap && npm run test:free-to-paid-conversion-units && npm run test:metrics-real-endpoint && npm run test:cli-trial-and-help && npm run test:cost-cli && npm run test:silent-failure-cluster && npm run test:proof:truth && node --test tests/adaptive-reliability.test.js && npm run test:mcp-oauth-reviewer && npm run test:dfcx-gate && npm run test:dfcx-gate-server && npm run test:vertex-scorer && npm run test:dashboard-chat && npm run test:gitar-integration && npm run test:secret-redaction && npm run test:discoverable-skills && npm run test:discoverable-skill-skills && npm run test:sync-telemetry && npm run test:leak-scanner && npm run test:team-sync && npm run test:eval-rag && npm run test:async-eval-observability && npm run test:letta-adapter && npm run test:policy-engine-adapter && npm run test:tool-contract-validator && npm run test:check-update && npm run test:hermes-gate && npm run test:memory-provider-enforcement-bridge && npm run test:publisher-credential-guards && npm run test:reddit-browser-notification-watch && npm run test:payment-rails",
|
|
382
382
|
"test:python": "python3 -m pytest tests/*.py",
|
|
383
|
+
"test:check-update": "node --test tests/check-update.test.js",
|
|
383
384
|
"test:hook-stop-verify-deploy": "node --test tests/hook-stop-verify-deploy.test.js",
|
|
384
385
|
"test:hook-stop-anti-claim": "node --test tests/hook-stop-anti-claim.test.js",
|
|
385
386
|
"test:plausible-server-events": "node --test tests/plausible-server-events.test.js tests/plausible-poller.test.js tests/plausible-domain-config.test.js",
|
|
@@ -455,10 +456,10 @@
|
|
|
455
456
|
"test:memory-scope-readiness": "node --test tests/memory-scope-readiness.test.js",
|
|
456
457
|
"test:belief-update": "node --test tests/belief-update.test.js",
|
|
457
458
|
"test:hosted-config": "node --test tests/hosted-config.test.js",
|
|
458
|
-
"test:policy-engine-adapter": "node --test tests/policy-engine-adapter.test.js",
|
|
459
459
|
"test:operational-summary": "node --test tests/operational-summary.test.js",
|
|
460
460
|
"test:operational-dashboard": "node --test tests/operational-dashboard.test.js",
|
|
461
461
|
"test:operator-artifacts": "node --test tests/operator-artifacts.test.js tests/revenue-pack-utils.test.js",
|
|
462
|
+
"test:okara-money-promo-automation": "node --test tests/okara-money-promo-automation.test.js",
|
|
462
463
|
"test:operator-key-auth": "node --test tests/api-operator-key-auth.test.js",
|
|
463
464
|
"test:cloudflare-sandbox": "node --test tests/cloudflare-dynamic-sandbox.test.js tests/cloudflare-sandbox-api.test.js",
|
|
464
465
|
"test:mcp-config": "node --test tests/mcp-config.test.js",
|
|
@@ -479,6 +480,7 @@
|
|
|
479
480
|
"test:hf-papers": "node --test tests/hf-papers.test.js",
|
|
480
481
|
"test:marketing-experiment": "node --test tests/marketing-experiment.test.js",
|
|
481
482
|
"test:seo-gsd": "node --test tests/seo-gsd.test.js",
|
|
483
|
+
"test:hermes-gate": "node --test tests/hermes-gate.test.js",
|
|
482
484
|
"test:verify-run": "node --test tests/verify-run.test.js",
|
|
483
485
|
"test:export-dpo-pairs": "node --test tests/export-dpo-pairs.test.js",
|
|
484
486
|
"test:secret-redaction": "node --test tests/secret-redaction.test.js",
|
|
@@ -505,7 +507,7 @@
|
|
|
505
507
|
"test:operational-integrity": "node --test tests/operational-integrity.test.js tests/sync-branch-protection.test.js",
|
|
506
508
|
"test:workflow": "node --test tests/parallel-workflow.test.js tests/workflow-contract.test.js tests/positioning-contract.test.js tests/docs-claim-hygiene.test.js tests/thumbgate-scope.test.js tests/workflow-runs.test.js tests/workflow-sprint-intake.test.js tests/revenue-pack-utils.test.js tests/sales-pipeline.test.js tests/github-outreach.test.js tests/enterprise-story.test.js tests/guide-conversion-path.test.js tests/buyer-intent-revenue-assist.test.js",
|
|
507
509
|
"test:sales-pipeline": "node --test tests/sales-pipeline.test.js",
|
|
508
|
-
"test:billing": "node --test tests/billing.test.js tests/stripe-sync-product-images.test.js
|
|
510
|
+
"test:billing": "node --test tests/billing.test.js tests/stripe-sync-product-images.test.js",
|
|
509
511
|
"test:cli": "node --test tests/analytics-report.test.js tests/agent-design-governance.test.js tests/codex-self-heal.test.js tests/creator-campaigns.test.js tests/cli.test.js tests/codex-bridge-script.test.js tests/dependabot-changeset.test.js tests/dispatch-brief.test.js tests/feedback-normalize.test.js tests/install-mcp.test.js tests/install-scope-docs.test.js tests/pr-manager.test.js tests/pro-local-dashboard.test.js tests/published-cli.test.js tests/revenue-status.test.js tests/stripe-live-status.test.js tests/creator-dev-and-prune.test.js",
|
|
510
512
|
"test:evolution": "node --test tests/workspace-evolver.test.js",
|
|
511
513
|
"test:watcher": "node --test tests/jsonl-watcher.test.js",
|
|
@@ -564,18 +566,11 @@
|
|
|
564
566
|
"prove:xmemory": "node scripts/prove-xmemory.js",
|
|
565
567
|
"audit:stats": "node scripts/audit-trail.js --stats",
|
|
566
568
|
"profile:route": "node scripts/profile-router.js",
|
|
567
|
-
"social:poll:zernio": "node scripts/social-analytics/pollers/zernio.js",
|
|
568
|
-
"social:publish:zernio": "node scripts/social-analytics/publishers/zernio.js",
|
|
569
|
-
"social:zernio:status": "node scripts/social-analytics/zernio-status.js",
|
|
570
|
-
"test:zernio": "node --test tests/zernio-integration.test.js",
|
|
571
569
|
"test:platform-limits": "node --test tests/platform-limits.test.js",
|
|
572
570
|
"test:durability-step": "node --test tests/durability-step.test.js",
|
|
573
571
|
"test:post-video": "node --test tests/post-video.test.js",
|
|
574
572
|
"test:post-everywhere-instagram": "node --test tests/post-everywhere-instagram.test.js",
|
|
575
573
|
"test:post-everywhere-channels": "node --test tests/post-everywhere-channels.test.js",
|
|
576
|
-
"test:post-everywhere-zernio-default": "node --test tests/post-everywhere-zernio-default.test.js",
|
|
577
|
-
"test:zernio-canonical-pollers": "node --test tests/zernio-canonical-pollers.test.js",
|
|
578
|
-
"test:zernio-status": "node --test tests/zernio-status.test.js",
|
|
579
574
|
"test:license": "node --test tests/license.test.js",
|
|
580
575
|
"test:bot-detector": "node --test tests/bot-detector.test.js",
|
|
581
576
|
"test:audit-pr-bot-contamination": "node --test tests/audit-pr-bot-contamination.test.js",
|
|
@@ -640,13 +635,11 @@
|
|
|
640
635
|
"social:reconcile:campaign": "node scripts/social-analytics/reconcile-thumbgate-campaign.js",
|
|
641
636
|
"social:sync:launch-assets": "node scripts/social-analytics/sync-launch-assets.js",
|
|
642
637
|
"social:engagement:audit": "node scripts/social-analytics/engagement-audit.js",
|
|
643
|
-
"social:dedupe:cleanup": "node scripts/social-analytics/cleanup-zernio-duplicates.js",
|
|
644
638
|
"test:install-growth-automation": "node --test tests/install-growth-automation.test.js",
|
|
645
639
|
"test:publish-thumbgate-launch": "node --test tests/publish-thumbgate-launch.test.js",
|
|
646
640
|
"test:reconcile-thumbgate-campaign": "node --test tests/reconcile-thumbgate-campaign.test.js",
|
|
647
641
|
"test:schedule-thumbgate-campaign": "node --test tests/schedule-thumbgate-campaign.test.js",
|
|
648
642
|
"test:social-reply-monitor": "node --test tests/social-reply-monitor.test.js tests/reddit-monitor-launchd.test.js",
|
|
649
|
-
"test:social-dedupe-cleanup": "node --test tests/cleanup-zernio-duplicates.test.js",
|
|
650
643
|
"test:bluesky-atproto": "node --test tests/bluesky-atproto.test.js",
|
|
651
644
|
"test:social-reply-monitor-bluesky": "node --test tests/social-reply-monitor-bluesky.test.js tests/bluesky-monitor-launchd.test.js tests/social-bluesky-prospecting.test.js",
|
|
652
645
|
"test:bluesky-delete-replies": "node --test tests/bluesky-delete-replies.test.js",
|
|
@@ -699,7 +692,9 @@
|
|
|
699
692
|
"test:ai-engineering-stack-guardrails": "node --test tests/ai-engineering-stack-guardrails.test.js",
|
|
700
693
|
"test:ai-component-inventory": "node --test tests/ai-component-inventory.test.js",
|
|
701
694
|
"test:interaction-model": "node --test tests/interaction-model.test.js tests/interaction-model-e2e.test.js",
|
|
702
|
-
"
|
|
695
|
+
"aws-blocks:guardrails": "node scripts/aws-blocks-guardrails.js",
|
|
696
|
+
"test:aws-blocks-guardrails": "node --test tests/aws-blocks-guardrails.test.js",
|
|
697
|
+
"test:high-roi": "node --test tests/high-roi.test.js tests/model-candidates.test.js tests/autonomous-workflow.test.js tests/high-roi-agent-workflows.test.js tests/interaction-model.test.js tests/interaction-model-e2e.test.js tests/code-graph-guardrails.test.js tests/proxy-pointer-rag-guardrails.test.js tests/rag-precision-guardrails.test.js tests/ai-engineering-stack-guardrails.test.js tests/long-running-agent-context-guardrails.test.js tests/reasoning-efficiency-guardrails.test.js tests/deepseek-v4-runtime-guardrails.test.js tests/upstream-contribution-engine.test.js tests/proactive-agent-eval-guardrails.test.js tests/reward-hacking-guardrails.test.js tests/chatgpt-ads-readiness-pack.test.js tests/oss-pr-opportunity-scout.test.js tests/agent-design-governance.test.js tests/gemini-embedding-policy.test.js tests/openclaw-agent-governance-kit.test.js tests/agent-operations-planner.test.js tests/aws-blocks-guardrails.test.js",
|
|
703
698
|
"test:public-static-assets": "node --test tests/public-static-assets.test.js",
|
|
704
699
|
"test:token-savings": "node --test tests/token-savings.test.js",
|
|
705
700
|
"test:cost-cli": "node --test tests/cost-cli.test.js tests/conversion-receipt.test.js",
|
|
@@ -756,7 +751,15 @@
|
|
|
756
751
|
"test:leak-scanner": "node --test tests/leak-scanner.test.js",
|
|
757
752
|
"test:tool-contract-validator": "node --test tests/tool-contract-validator.test.js",
|
|
758
753
|
"test:letta-adapter": "node --test tests/letta-adapter.test.js",
|
|
759
|
-
"
|
|
754
|
+
"test:policy-engine-adapter": "node --test tests/policy-engine-adapter.test.js",
|
|
755
|
+
"eval:observability": "node scripts/async-eval-observability.js",
|
|
756
|
+
"test:memory-provider-enforcement-bridge": "node --test tests/memory-provider-enforcement-bridge.test.js",
|
|
757
|
+
"test:payment-rails": "node --test tests/payment-rails.test.js",
|
|
758
|
+
"test:publisher-credential-guards": "node --test tests/publisher-credential-guards.test.js",
|
|
759
|
+
"test:reddit-browser-notification-watch": "node --test tests/reddit-browser-notification-watch.test.js",
|
|
760
|
+
"cursor:marketplace:doctor": "node scripts/cursor-marketplace-doctor.js",
|
|
761
|
+
"cursor:marketplace:doctor:json": "node scripts/cursor-marketplace-doctor.js --json",
|
|
762
|
+
"test:cursor-marketplace-doctor": "node --test tests/cursor-marketplace-doctor.test.js"
|
|
760
763
|
},
|
|
761
764
|
"keywords": [
|
|
762
765
|
"mcp",
|
|
@@ -823,9 +826,16 @@
|
|
|
823
826
|
"stripe": "^22.2.0"
|
|
824
827
|
},
|
|
825
828
|
"overrides": {
|
|
829
|
+
"@google/genai": {
|
|
830
|
+
"protobufjs": "7.6.4"
|
|
831
|
+
},
|
|
832
|
+
"onnxruntime-web": {
|
|
833
|
+
"protobufjs": "7.6.4"
|
|
834
|
+
},
|
|
826
835
|
"express@4.22.1": {
|
|
827
836
|
"path-to-regexp": "0.1.13"
|
|
828
|
-
}
|
|
837
|
+
},
|
|
838
|
+
"js-yaml": "4.2.0"
|
|
829
839
|
},
|
|
830
840
|
"mcpName": "io.github.IgorGanapolsky/thumbgate",
|
|
831
841
|
"devDependencies": {
|
|
@@ -833,7 +843,7 @@
|
|
|
833
843
|
"@changesets/cli": "^2.31.0",
|
|
834
844
|
"@playwright/test": "^1.60.0",
|
|
835
845
|
"c8": "^11.0.0",
|
|
836
|
-
"undici": "^8.
|
|
846
|
+
"undici": "^8.5.0"
|
|
837
847
|
},
|
|
838
848
|
"hotfix": "gate-check-bypass-2026-06-03"
|
|
839
849
|
}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 360" role="img" aria-labelledby="tg-logo-transparent-title tg-logo-transparent-desc">
|
|
2
|
+
<title id="tg-logo-transparent-title">ThumbGate</title>
|
|
3
|
+
<desc id="tg-logo-transparent-desc">Transparent ThumbGate sponsor logo with TG gate monogram and wordmark for dark or colored event backgrounds.</desc>
|
|
4
|
+
<defs>
|
|
5
|
+
<linearGradient id="tg-logo-transparent-frame" x1="66" y1="66" x2="294" y2="294" gradientUnits="userSpaceOnUse">
|
|
6
|
+
<stop offset="0" stop-color="#8cf5d1"/>
|
|
7
|
+
<stop offset="1" stop-color="#22d3ee"/>
|
|
8
|
+
</linearGradient>
|
|
9
|
+
<filter id="tg-logo-transparent-glow" x="-30%" y="-30%" width="160%" height="160%" color-interpolation-filters="sRGB">
|
|
10
|
+
<feDropShadow dx="0" dy="0" stdDeviation="8" flood-color="#22d3ee" flood-opacity="0.30"/>
|
|
11
|
+
</filter>
|
|
12
|
+
</defs>
|
|
13
|
+
<g filter="url(#tg-logo-transparent-glow)">
|
|
14
|
+
<rect x="66" y="66" width="228" height="228" rx="54" fill="#061015" fill-opacity="0.78"/>
|
|
15
|
+
<rect x="103" y="103" width="154" height="154" rx="36" fill="#0b1820" stroke="url(#tg-logo-transparent-frame)" stroke-width="9"/>
|
|
16
|
+
<path d="M132 216V147c0-16 12-28 28-28h40c16 0 28 12 28 28v69" fill="none" stroke="#8cf5d1" stroke-width="13" stroke-linecap="round" stroke-linejoin="round"/>
|
|
17
|
+
<text x="180" y="196" text-anchor="middle" fill="#e7fbff" font-family="Inter, -apple-system, BlinkMacSystemFont, Segoe UI, Arial, sans-serif" font-size="58" font-weight="900" letter-spacing="-3.5">TG</text>
|
|
18
|
+
<rect x="129" y="211" width="102" height="13" rx="6.5" fill="#22d3ee"/>
|
|
19
|
+
</g>
|
|
20
|
+
<text x="340" y="178" fill="#f4fdff" font-family="Inter, -apple-system, BlinkMacSystemFont, Segoe UI, Arial, sans-serif" font-size="82" font-weight="900">ThumbGate</text>
|
|
21
|
+
<text x="344" y="235" fill="#9ca3af" font-family="Inter, -apple-system, BlinkMacSystemFont, Segoe UI, Arial, sans-serif" font-size="30" font-weight="600">Pre-Action Checks for AI coding agents</text>
|
|
22
|
+
</svg>
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64" role="img" aria-labelledby="tg-inline-title tg-inline-desc">
|
|
2
|
+
<title id="tg-inline-title">ThumbGate</title>
|
|
3
|
+
<desc id="tg-inline-desc">ThumbGate simplified gate mark for inline site headers.</desc>
|
|
4
|
+
<defs>
|
|
5
|
+
<linearGradient id="tg-inline-frame" x1="8" y1="8" x2="56" y2="56" gradientUnits="userSpaceOnUse">
|
|
6
|
+
<stop offset="0" stop-color="#8cf5d1"/>
|
|
7
|
+
<stop offset="1" stop-color="#22d3ee"/>
|
|
8
|
+
</linearGradient>
|
|
9
|
+
<linearGradient id="tg-inline-fill" x1="20" y1="18" x2="44" y2="48" gradientUnits="userSpaceOnUse">
|
|
10
|
+
<stop offset="0" stop-color="#123142"/>
|
|
11
|
+
<stop offset="1" stop-color="#071116"/>
|
|
12
|
+
</linearGradient>
|
|
13
|
+
</defs>
|
|
14
|
+
<rect x="5" y="5" width="54" height="54" rx="15" fill="#061015"/>
|
|
15
|
+
<path d="M32 10.5c12.2 3.9 19 11.4 19 22.1 0 11.9-9.4 19.2-19 22.1-9.6-2.9-19-10.2-19-22.1 0-10.7 6.8-18.2 19-22.1Z" fill="url(#tg-inline-fill)" stroke="url(#tg-inline-frame)" stroke-width="4" stroke-linejoin="round"/>
|
|
16
|
+
<path d="M22 43V29.4c0-6 4.4-10.4 10-10.4s10 4.4 10 10.4V43" fill="none" stroke="#8cf5d1" stroke-width="5" stroke-linecap="round" stroke-linejoin="round"/>
|
|
17
|
+
<path d="M25 43h14" stroke="#22d3ee" stroke-width="5" stroke-linecap="round"/>
|
|
18
|
+
<circle cx="32" cy="31" r="3.2" fill="#e7fbff"/>
|
|
19
|
+
</svg>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512" role="img" aria-labelledby="title desc">
|
|
2
2
|
<title id="title">ThumbGate mark</title>
|
|
3
|
-
<desc id="desc">A crisp
|
|
3
|
+
<desc id="desc">A crisp shield and thumbs-up mark for ThumbGate.</desc>
|
|
4
4
|
<defs>
|
|
5
5
|
<linearGradient id="tg-frame" x1="96" y1="96" x2="416" y2="416" gradientUnits="userSpaceOnUse">
|
|
6
6
|
<stop offset="0" stop-color="#8cf5d1"/>
|
|
@@ -8,8 +8,14 @@
|
|
|
8
8
|
</linearGradient>
|
|
9
9
|
</defs>
|
|
10
10
|
<rect width="512" height="512" rx="112" fill="#061015"/>
|
|
11
|
-
<
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
11
|
+
<g transform="translate(78, 78) scale(5.5625)">
|
|
12
|
+
<!-- Outer Shield / Gate -->
|
|
13
|
+
<path d="M32 9 C20 13 15 20 15 33 C15 45 26 53 32 56 C38 53 49 45 49 33 C49 20 44 13 32 9 Z"
|
|
14
|
+
fill="#0b1820" stroke="url(#tg-frame)" stroke-width="3.5" stroke-linejoin="round"/>
|
|
15
|
+
|
|
16
|
+
<!-- Proportional Thumbs Up -->
|
|
17
|
+
<g transform="translate(19, 17) scale(1.1)" stroke="#8cf5d1" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" fill="none">
|
|
18
|
+
<path d="M14 9V5a3 3 0 0 0-3-3l-4 9v11h11.28a2 2 0 0 0 2-1.7l1.38-9a2 2 0 0 0-2-2.3zM7 22H4a2 2 0 0 1-2-2v-7a2 2 0 0 1 2-2h3"/>
|
|
19
|
+
</g>
|
|
20
|
+
</g>
|
|
15
21
|
</svg>
|
package/public/blog.html
CHANGED
|
@@ -34,12 +34,6 @@
|
|
|
34
34
|
"url": "https://thumbgate.ai/blog",
|
|
35
35
|
"publisher": { "@type": "Organization", "name": "ThumbGate" },
|
|
36
36
|
"blogPost": [
|
|
37
|
-
{
|
|
38
|
-
"@type": "BlogPosting",
|
|
39
|
-
"headline": "Databricks validates runtime AI governance. The next layer is pre-action enforcement.",
|
|
40
|
-
"datePublished": "2026-06-20",
|
|
41
|
-
"keywords": "Databricks Unity AI Gateway, runtime AI governance, MCP governance, pre-action enforcement, ThumbGate"
|
|
42
|
-
},
|
|
43
37
|
{
|
|
44
38
|
"@type": "BlogPosting",
|
|
45
39
|
"headline": "Your AI agent is a supply chain attack surface. Here's how to gate it.",
|
|
@@ -178,30 +172,6 @@
|
|
|
178
172
|
</header>
|
|
179
173
|
|
|
180
174
|
<div class="container">
|
|
181
|
-
<article class="post">
|
|
182
|
-
<div class="post-date">June 20, 2026</div>
|
|
183
|
-
<h2>Databricks validates runtime AI governance. The next layer is pre-action enforcement.</h2>
|
|
184
|
-
|
|
185
|
-
<p>
|
|
186
|
-
Databricks Unity AI Gateway is a strong market signal: enterprise AI
|
|
187
|
-
governance is moving from static policy into runtime interactions
|
|
188
|
-
across models, agents, MCP services, tools, guardrails, observability,
|
|
189
|
-
and cost controls.
|
|
190
|
-
</p>
|
|
191
|
-
<p>
|
|
192
|
-
That is exactly where ThumbGate should live in the buyer conversation:
|
|
193
|
-
not as a Databricks replacement, but as the local pre-action gate that
|
|
194
|
-
stops the developer agent before it calls shell, browser, file, API,
|
|
195
|
-
MCP, or deploy tools.
|
|
196
|
-
</p>
|
|
197
|
-
<p>
|
|
198
|
-
Dashboards and budgets warn you. Gates stop the action.
|
|
199
|
-
</p>
|
|
200
|
-
<p>
|
|
201
|
-
<a href="/learn/databricks-unity-ai-gateway-runtime-governance" class="cta">Read the runtime governance breakdown</a>
|
|
202
|
-
</p>
|
|
203
|
-
</article>
|
|
204
|
-
|
|
205
175
|
<article class="post">
|
|
206
176
|
<div class="post-date">April 10, 2026</div>
|
|
207
177
|
<h2>Your AI agent is a supply chain attack surface. Here's how to gate it.</h2>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64" role="img" aria-labelledby="title desc">
|
|
2
2
|
<title id="title">ThumbGate</title>
|
|
3
|
-
<desc id="desc">ThumbGate
|
|
3
|
+
<desc id="desc">ThumbGate premium shield and thumbs-up mark.</desc>
|
|
4
4
|
<defs>
|
|
5
5
|
<linearGradient id="tg-frame" x1="8" y1="8" x2="56" y2="56" gradientUnits="userSpaceOnUse">
|
|
6
6
|
<stop offset="0" stop-color="#8cf5d1"/>
|
|
@@ -8,8 +8,12 @@
|
|
|
8
8
|
</linearGradient>
|
|
9
9
|
</defs>
|
|
10
10
|
<rect width="64" height="64" rx="14" fill="#061015"/>
|
|
11
|
-
|
|
12
|
-
<path d="
|
|
13
|
-
|
|
14
|
-
|
|
11
|
+
<!-- Outer Shield / Gate -->
|
|
12
|
+
<path d="M32 9 C20 13 15 20 15 33 C15 45 26 53 32 56 C38 53 49 45 49 33 C49 20 44 13 32 9 Z"
|
|
13
|
+
fill="#0b1820" stroke="url(#tg-frame)" stroke-width="3.5" stroke-linejoin="round"/>
|
|
14
|
+
|
|
15
|
+
<!-- Proportional Thumbs Up -->
|
|
16
|
+
<g transform="translate(19, 17) scale(1.1)" stroke="#8cf5d1" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" fill="none">
|
|
17
|
+
<path d="M14 9V5a3 3 0 0 0-3-3l-4 9v11h11.28a2 2 0 0 0 2-1.7l1.38-9a2 2 0 0 0-2-2.3zM7 22H4a2 2 0 0 1-2-2v-7a2 2 0 0 1 2-2h3"/>
|
|
18
|
+
</g>
|
|
15
19
|
</svg>
|
package/public/chatgpt-app.html
CHANGED
|
@@ -53,7 +53,7 @@
|
|
|
53
53
|
.shell { max-width: 1120px; margin: 0 auto; padding: 28px 20px 72px; }
|
|
54
54
|
.nav { display: flex; align-items: center; justify-content: space-between; gap: 18px; padding: 6px 0 28px; }
|
|
55
55
|
.brand { display: inline-flex; align-items: center; gap: 12px; font-weight: 800; text-decoration: none; }
|
|
56
|
-
.brand img { width:
|
|
56
|
+
.brand img { width: 28px; height: 28px; }
|
|
57
57
|
.navlinks { display: flex; gap: 18px; flex-wrap: wrap; color: var(--muted); font-size: 14px; }
|
|
58
58
|
.navlinks a { text-decoration: none; }
|
|
59
59
|
.hero {
|
|
@@ -195,7 +195,7 @@
|
|
|
195
195
|
<main class="shell">
|
|
196
196
|
<nav class="nav" aria-label="Primary">
|
|
197
197
|
<a class="brand" href="/">
|
|
198
|
-
<img src="/assets/brand/thumbgate-
|
|
198
|
+
<img src="/assets/brand/thumbgate-mark-inline-v3.svg" alt="ThumbGate logo">
|
|
199
199
|
<span>ThumbGate</span>
|
|
200
200
|
</a>
|
|
201
201
|
<div class="navlinks">
|
package/public/compare.html
CHANGED
|
@@ -272,7 +272,6 @@
|
|
|
272
272
|
<ul class="compare-index">
|
|
273
273
|
<li><a href="/compare/sigmashake">ThumbGate vs SigmaShake</a> — learns the rule from your thumbs-down vs a hand-picked ruleset hub</li>
|
|
274
274
|
<li><a href="/compare/claude-code-hooks">ThumbGate vs claude-code-hooks</a> — hosted sync & learning on top of local shell-script hooks</li>
|
|
275
|
-
<li><a href="/compare/databricks-unity-ai-gateway">ThumbGate vs Databricks Unity AI Gateway</a> — enterprise gateway governance pairs with local pre-action gates</li>
|
|
276
275
|
<li><a href="/compare/arcjet">ThumbGate vs Arcjet</a> — agent-outbound gate pairs with an app-inbound firewall</li>
|
|
277
276
|
<li><a href="/compare/bumblebee">ThumbGate vs Bumblebee</a> — runtime enforcement pairs with static inventory</li>
|
|
278
277
|
<li><a href="/compare/anthropic-containment">ThumbGate vs Anthropic's Claude Containment</a> — an IDE-agent extension of Anthropic's published architecture</li>
|
|
@@ -287,6 +286,8 @@
|
|
|
287
286
|
<li><a href="/compare/agentix-labs">ThumbGate vs Agentix Labs</a> — productized enforcement vs custom AI-agent services</li>
|
|
288
287
|
<li><a href="/compare/adopt-ai">ThumbGate vs Adopt AI</a> — pre-execution firewall vs evals-first gating for production blast radius</li>
|
|
289
288
|
<li><a href="/compare/arcade">ThumbGate vs Arcade</a> — coding-agent guardrails vs enterprise API auth delegation</li>
|
|
289
|
+
<li><a href="/compare/databricks-unity-ai-gateway">ThumbGate vs Databricks Unity AI Gateway</a> — enterprise gateway vs local pre-action gates</li>
|
|
290
|
+
<li><a href="/compare/hermes-everos-memory">ThumbGate vs Hermes and EverOS</a> — local-first behavior gates vs passive agent memory stores</li>
|
|
290
291
|
</ul>
|
|
291
292
|
|
|
292
293
|
<h2>How It Works</h2>
|
package/public/dashboard.html
CHANGED
|
@@ -290,7 +290,7 @@
|
|
|
290
290
|
|
|
291
291
|
<nav>
|
|
292
292
|
<div class="container">
|
|
293
|
-
<a href="/" class="nav-logo"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate Dashboard</span></a>
|
|
293
|
+
<a href="/" class="nav-logo"><img src="/assets/brand/thumbgate-mark-inline-v3.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate Dashboard</span></a>
|
|
294
294
|
<div class="nav-links">
|
|
295
295
|
<a href="/dashboard" class="active" style="color:var(--cyan);">Dashboard</a>
|
|
296
296
|
<a href="/lessons">Lessons</a>
|
package/public/federal.html
CHANGED
|
@@ -179,7 +179,7 @@ __GA_BOOTSTRAP__
|
|
|
179
179
|
<nav>
|
|
180
180
|
<div class="container">
|
|
181
181
|
<a class="nav-logo" href="/">
|
|
182
|
-
<img class="logo-mark" src="/assets/brand/thumbgate-mark.svg" alt="" />
|
|
182
|
+
<img class="logo-mark" src="/assets/brand/thumbgate-mark-inline-v3.svg" alt="" />
|
|
183
183
|
ThumbGate <span>/ federal</span>
|
|
184
184
|
</a>
|
|
185
185
|
<div class="nav-links">
|