thumbgate 1.27.12 → 1.27.13

package/public/learn/ac-dc-runtime-enforcement.html

@@ -1,277 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>AC/DC governs the code agents write. Runtime enforcement governs what agents do. - ThumbGate</title>
-<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
-<meta name="description" content="Sonar's Agent Centric Development Cycle (AC/DC) defines Guide → Generate → Verify → Solve for code-quality. It has no Pre-Execution Gate. Here is where runtime enforcement plugs into AC/DC, with a worked map for each stage.">
-<meta name="keywords" content="AC/DC framework, Agent Centric Development Cycle, AI coding agent governance, PreToolUse runtime enforcement, agentic SDLC, Sonar AC/DC, ThumbGate">
-<meta property="og:title" content="AC/DC + Runtime Enforcement: Closing the Pre-Execution Gap">
-<meta property="og:description" content="Sonar's AC/DC governs what agents WRITE. Runtime enforcement at PreToolUse governs what agents DO. The two compose — but only one of them stops rm -rf / DROP TABLE / unauthorized MCP calls before they happen.">
-<meta property="og:type" content="article">
-<meta property="og:url" content="https://thumbgate.ai/learn/ac-dc-runtime-enforcement">
-<link rel="canonical" href="https://thumbgate.ai/learn/ac-dc-runtime-enforcement">
-<link rel="stylesheet" href="/learn/learn.css">
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "AC/DC governs the code agents write. Runtime enforcement governs what agents do.",
-  "description": "Sonar's Agent Centric Development Cycle (AC/DC) framework — Guide, Generate, Verify, Solve — is a code-quality lifecycle. Its Verify stage operates on generated code. Many of the highest-blast-radius agent failures (destructive shell commands, unauthorized MCP calls, secret exfiltration) never become code that Verify can inspect. They happen between Generate and the next Guide as runtime actions. This article maps each AC/DC stage to the runtime-enforcement layer that closes the pre-execution gap.",
-  "author": {
-    "@type": "Person",
-    "name": "Igor Ganapolsky",
-    "url": "https://github.com/IgorGanapolsky"
-  },
-  "publisher": {
-    "@type": "Organization",
-    "name": "ThumbGate",
-    "url": "https://thumbgate.ai"
-  },
-  "datePublished": "2026-05-27",
-  "dateModified": "2026-05-27",
-  "mainEntityOfPage": "https://thumbgate.ai/learn/ac-dc-runtime-enforcement",
-  "citation": [
-    "https://www.sonarsource.com/blog/the-future-is-ac-dc-the-agent-centric-development-cycle",
-    "https://thenewstack.io/agentic-development-cycle-framework/"
-  ],
-  "about": [
-    { "@type": "Thing", "name": "AC/DC framework" },
-    { "@type": "Thing", "name": "Agent Centric Development Cycle" },
-    { "@type": "Thing", "name": "agentic SDLC governance" },
-    { "@type": "Thing", "name": "PreToolUse runtime enforcement" }
-  ]
-}
-</script>
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "FAQPage",
-  "mainEntity": [
-    {
-      "@type": "Question",
-      "name": "What is the AC/DC framework?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "AC/DC stands for Agent Centric Development Cycle. It is a four-stage governance framework published by Sonar (the company behind SonarCloud and SonarQube) for teams running AI coding agents. The stages are Guide (hand the agent your standards, architecture, and constraints before it writes code), Generate (the LLM writes code), Verify (mandatory verification of the generated code, primarily through static analysis), and Solve (fix the issues Verify surfaces). Each stage feeds the next, and outputs from Verify and Solve loop back into Guide so future iterations improve. AC/DC is a code-quality lifecycle for agentic development."
-      }
-    },
-    {
-      "@type": "Question",
-      "name": "Does AC/DC cover runtime safety?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "Not directly. AC/DC's Verify stage inspects generated code — typically after the agent has produced a diff or pull request. Many of the highest-blast-radius agent failures never become code that Verify can inspect. A destructive shell command like rm -rf, a DROP TABLE against the wrong database, a git push --force to main, a leaked environment variable through an MCP tool call, or an outbound LLM call to an unauthorized endpoint all happen between Generate and the next Guide loop as runtime actions. They produce no committed source code. Runtime enforcement at the PreToolUse hook is the layer that catches them before execution."
-      }
-    },
-    {
-      "@type": "Question",
-      "name": "Does runtime enforcement replace AC/DC's Verify stage?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "No. They cover different surfaces and compose cleanly. AC/DC's Verify stage catches problems in committed code. Runtime enforcement catches problems in proposed tool calls before the tool fires. A correct deployment of both means: PreToolUse hooks block destructive or unauthorized actions before execution, Verify catches quality and security issues in the code the agent did write, and Solve fixes what Verify surfaces. The two layers add up to coverage of both the action surface and the code surface."
-      }
-    },
-    {
-      "@type": "Question",
-      "name": "Where does ThumbGate fit into AC/DC?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "ThumbGate fits at two AC/DC stages. At Guide, ThumbGate's prevention-rules.md and context packs hand the agent local, learned constraints before it writes code — generated from prior failures captured by feedback hooks. At Verify, ThumbGate adds a runtime-action verification layer that operates on the tool call the agent is about to make, not on the code it already wrote. This closes the pre-execution gap between Generate and the next Guide iteration that pure-static Verify cannot reach."
-      }
-    },
-    {
-      "@type": "Question",
-      "name": "Is Sonar a ThumbGate competitor?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "No. Sonar runs at the code-quality layer (static analysis of committed code, security hotspots, coverage, duplications). ThumbGate runs at the runtime-action layer (PreToolUse hooks in Claude Code, Cursor, Codex CLI, Gemini CLI, Amp, Cline, OpenCode, Claude Desktop). The two layers are complementary. Regulated teams already running Sonar can keep Sonar at Verify-of-code and add ThumbGate at Verify-of-action to close the runtime gap AC/DC does not explicitly name."
-      }
-    }
-  ]
-}
-</script>
-<style>
-  table { width: 100%; border-collapse: collapse; margin: 1rem 0; }
-  th, td { text-align: left; padding: 0.7rem 0.8rem; border-bottom: 1px solid var(--border); vertical-align: top; font-size: 0.92rem; }
-  th { color: var(--cyan); font-weight: 700; }
-  .layer strong { color: var(--green); }
-  .mini-grid { display: grid; grid-template-columns: repeat(2, minmax(0, 1fr)); gap: 1rem; margin: 1.25rem 0; }
-  .mini-card { background: var(--bg-card); border: 1px solid var(--border); border-radius: 8px; padding: 1rem; }
-  .mini-card h3 { margin-top: 0; color: var(--text); }
-  .mini-card p { color: var(--muted); }
-  blockquote { border-left: 3px solid var(--cyan); margin: 1rem 0; padding: 0.5rem 1rem; color: var(--text); font-style: italic; background: rgba(34, 211, 238, 0.05); }
-  @media (max-width: 700px) { .mini-grid { grid-template-columns: 1fr; } }
-</style>
-</head>
-<body>
-<nav>
-  <a href="/" class="brand"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
-  <a href="/guide">Setup Guide</a>
-  <a href="/learn">Learn</a>
-  <a href="/dashboard">Dashboard</a>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
-</nav>
-
-<div class="container">
-  <div class="breadcrumb"><a href="/learn">Learn</a> / AC/DC Runtime Enforcement</div>
-  <h1>AC/DC governs the code agents write. Runtime enforcement governs what agents do.</h1>
-  <p style="color:var(--muted);">6 min read &middot; For engineering leaders adopting Sonar's Agent Centric Development Cycle</p>
-
-  <div class="tldr"><strong>TL;DR:</strong> Sonar's AC/DC framework (Guide → Generate → Verify → Solve) is a code-quality lifecycle for agentic development. It has no Pre-Execution Gate stage. The highest-blast-radius agent failures — destructive shell, unauthorized MCP calls, force-push to main, secret exfiltration — never become committed code. They are runtime actions that happen between Generate and the next Guide loop. PreToolUse runtime enforcement is the layer that closes that gap. The two compose: AC/DC verifies the code, runtime enforcement verifies the action.</div>
-
-  <h2>What AC/DC is</h2>
-  <p>Sonar published <a href="https://www.sonarsource.com/blog/the-future-is-ac-dc-the-agent-centric-development-cycle" target="_blank" rel="noopener">the Agent Centric Development Cycle</a> (AC/DC) in early 2026 as a framework for teams shipping AI coding agents at scale. <a href="https://thenewstack.io/agentic-development-cycle-framework/" target="_blank" rel="noopener">The New Stack covered it as the governance framework</a> teams should reach for. Four stages, each feeding the next, with outputs from Verify and Solve looping back into Guide:</p>
-
-  <table>
-    <thead>
-      <tr>
-        <th>Stage</th>
-        <th>What happens</th>
-        <th>What it inspects</th>
-      </tr>
-    </thead>
-    <tbody>
-      <tr class="layer">
-        <td><strong>Guide</strong></td>
-        <td>Hand the agent your standards, architecture, and constraints before it writes a line of code.</td>
-        <td>Prompts, context packs, conventions.</td>
-      </tr>
-      <tr class="layer">
-        <td><strong>Generate</strong></td>
-        <td>The LLM produces the code it believes will achieve the desired outcome.</td>
-        <td>Nothing yet &mdash; pure generation.</td>
-      </tr>
-      <tr class="layer">
-        <td><strong>Verify</strong></td>
-        <td>Mandatory verification of the generated code &mdash; static analysis, security hotspots, coverage, duplication.</td>
-        <td>Committed source code.</td>
-      </tr>
-      <tr class="layer">
-        <td><strong>Solve</strong></td>
-        <td>Fix the issues Verify surfaces, so the next iteration is cleaner.</td>
-        <td>Issues, lessons.</td>
-      </tr>
-    </tbody>
-  </table>
-
-  <blockquote>"In an agentic development model, the primary challenge is no longer writing code; it is creating a system that makes generated code trustworthy." — Sonar, on AC/DC</blockquote>
-
-  <p>That's a correct framing for the code-quality slice of agentic governance. It is also the slice Sonar happens to own. The framework is honest about that — it is explicitly a code-trust framework, not an action-trust framework.</p>
-
-  <h2>The structural gap: no Pre-Execution Gate</h2>
-  <p>Look at the four stages again. Verify inspects code the agent already wrote. Solve fixes that code. Guide informs the next generation. Nowhere in the loop is there a stage that intercepts an action the agent is about to take.</p>
-
-  <p>That matters because the failures that wake operators at 2 a.m. are rarely "the committed code had a bug Verify missed." They are:</p>
-
-  <ul>
-    <li>An agent ran <code>rm -rf node_modules ../</code> with a path that traversed out of the workspace.</li>
-    <li>An agent ran <code>DROP TABLE users</code> against the staging connection because the staging connection happened to point at prod.</li>
-    <li>An agent ran <code>git push --force</code> to <code>main</code> to "clean up history" and erased two days of work.</li>
-    <li>An MCP tool was given an outbound URL the agent improvised &mdash; and the URL was a credential-stealing endpoint hidden in a doc the agent ingested.</li>
-    <li>An agent committed <code>.env</code> with live keys, pushed, and the leak detector caught it ninety seconds later.</li>
-  </ul>
-
-  <p>None of those produce committed source code that Verify can read. They are runtime actions that happen <em>between</em> Generate and the next Guide loop. By the time AC/DC's Verify stage runs, the damage is done.</p>
-
-  <div class="callout">
-    <strong>The gap in plain terms:</strong> AC/DC governs what the agent <strong>writes</strong>. The unsolved layer is what the agent <strong>does</strong> &mdash; tool calls, shell commands, file writes, MCP invocations, outbound network calls &mdash; before any of those actions become text that a static analyzer can see.
-  </div>
-
-  <h2>Where runtime enforcement plugs into AC/DC</h2>
-  <p>ThumbGate operates at the PreToolUse boundary inside the agent runtime &mdash; Claude Code, Cursor, OpenAI Codex CLI, Google Gemini CLI, Sourcegraph Amp, Cline, OpenCode, Claude Desktop. When the agent is about to execute a tool call, ThumbGate inspects the proposed call and returns allow, warn, block, or route-to-human. The boundary is the runtime, not the file system.</p>
-
-  <p>Mapped onto AC/DC, that lands in two stages:</p>
-
-  <table>
-    <thead>
-      <tr>
-        <th>AC/DC stage</th>
-        <th>What runtime enforcement adds</th>
-      </tr>
-    </thead>
-    <tbody>
-      <tr class="layer">
-        <td><strong>Guide</strong></td>
-        <td>Local prevention rules promoted from prior failures (auto-generated from feedback hooks) become part of the context handed to the agent. The agent doesn't just see "your team's standards" &mdash; it sees "your team's standards plus a list of specific tool-call patterns that have caused incidents here."</td>
-      </tr>
-      <tr class="layer">
-        <td><strong>Verify (runtime)</strong></td>
-        <td>A second Verify pass runs at PreToolUse: before the agent's proposed tool call executes, ThumbGate checks it against the local lesson DB, allowlists, and policy bundles. Allow, warn, block, or route. Evidence is logged structurally so reviewers can audit decisions later.</td>
-      </tr>
-    </tbody>
-  </table>
-
-  <div class="mini-grid">
-    <div class="mini-card">
-      <h3>Verify of code</h3>
-      <p>Static analysis on committed source code. Catches quality, security, and duplication issues after the diff exists. This is what Sonar does well, and what AC/DC's Verify stage maps to.</p>
-    </div>
-    <div class="mini-card">
-      <h3>Verify of action</h3>
-      <p>Runtime inspection of the proposed tool call before it fires. Catches destructive shell, unauthorized MCP, secret exfiltration, force-push, and out-of-scope file writes &mdash; before they become incidents.</p>
-    </div>
-  </div>
-
-  <h2>The two-layer deployment for an AC/DC team</h2>
-  <p>If your team already runs Sonar (or any static-analysis Verify stage), the integration story is short and additive:</p>
-
-  <ol>
-    <li><strong>Keep AC/DC's Verify on code.</strong> Sonar, SonarQube, or your existing static-analysis pipeline continues to inspect the source the agent produces. Nothing changes there.</li>
-    <li><strong>Add a Verify-of-action layer at the PreToolUse boundary.</strong> Install ThumbGate in the agent runtimes your developers actually use. The runtime now inspects every proposed tool call against your local rules and the prevention-rules.md generated from prior failures.</li>
-    <li><strong>Wire the feedback loop back into Guide.</strong> Every blocked action becomes a lesson. Lessons promote to prevention rules. Prevention rules become part of the context the next Guide iteration hands to the agent. AC/DC's loop closes one stage earlier.</li>
-  </ol>
-
-  <div class="callout callout-green">
-    <strong>Sales line:</strong> If your team adopted AC/DC and stopped at Verify-of-code, you are governing what the agent wrote and not what the agent did. Add the Pre-Execution Gate before the next blast-radius incident teaches you which half of the loop was missing.
-  </div>
-
-  <h2>What this looks like in a buyer demo</h2>
-  <ol>
-    <li>One AC/DC iteration where Sonar's Verify catches a real code-quality issue in generated code. Good. That's what AC/DC promises.</li>
-    <li>One proposed tool call (<code>git push --force origin main</code>) blocked at PreToolUse before execution. Evidence logged.</li>
-    <li>The blocked call promoted to a prevention rule. The next agent run sees that rule in its Guide context.</li>
-    <li>An export a reviewer or risk officer can inspect: allowed calls, blocked calls, overrides, rule-promotion history.</li>
-  </ol>
-
-  <h2>FAQ</h2>
-  <details class="faq-item" open>
-    <summary>Why doesn't AC/DC name a Pre-Execution Gate stage?</summary>
-    <p>AC/DC is framed by Sonar, whose product surface ends at static analysis of code. Naming a runtime-action stage that Sonar doesn't ship would be marketing against itself. The framework is internally consistent for the slice it owns; it just doesn't claim coverage of runtime actions. That's the gap a runtime-enforcement layer fills.</p>
-  </details>
-  <details class="faq-item">
-    <summary>Can I run ThumbGate without Sonar, or vice versa?</summary>
-    <p>Yes to both. ThumbGate adds runtime-action Verify regardless of what static-analysis tool runs alongside it. AC/DC's Verify stage can be filled by any static-analysis pipeline. They are independent layers.</p>
-  </details>
-  <details class="faq-item">
-    <summary>Where do prevention rules come from?</summary>
-    <p>From your team's own incidents and feedback. ThumbGate captures thumbs-down events via feedback hooks, promotes recurring failures to the local lesson DB, and synthesizes prevention rules that survive model upgrades and prompt resets. The rules are local to your team &mdash; they encode your specific failure patterns, not generic SOC2 boilerplate.</p>
-  </details>
-  <details class="faq-item">
-    <summary>Does ThumbGate work with Claude Code only?</summary>
-    <p>No. The PreToolUse boundary exists in Claude Code, Cursor, OpenAI Codex CLI, Google Gemini CLI, Sourcegraph Amp, Cline, OpenCode, and Claude Desktop. ThumbGate's adapter matrix covers all of them. One rule set, every agent runtime.</p>
-  </details>
-
-  <div class="cta-box">
-    <h2 style="color:var(--text);font-size:1.3rem;margin:0 0 8px;">Close the pre-execution gap in AC/DC</h2>
-    <p>Install runtime enforcement at the PreToolUse boundary across every agent your team uses. Local rules, hosted evidence, no static-analyzer in the path.</p>
-    <div class="cta-install">$ npx thumbgate init</div>
-  </div>
-
-  <div class="related">
-    <h3>Related articles</h3>
-    <a href="/learn/background-agent-control-layer">Background Agent Control Layer &rarr;</a>
-    <a href="/learn/mcp-pre-action-checks-explained">MCP Pre-Action Checks Explained &rarr;</a>
-    <a href="/learn/regulated-agent-execution-boundary">Regulated Agent Execution Boundary &rarr;</a>
-    <a href="/compare/anthropic-containment">ThumbGate vs Anthropic Containment &rarr;</a>
-  </div>
-</div>
-
-<div class="sticky-cta">
-  <span style="color:var(--muted)">Try it now:</span>
-  <code>npx thumbgate init</code>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub &rarr;</a>
-</div>
-</body>
-</html>

package/public/learn/agent-harness-pattern.html

@@ -1,181 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>The Agent Harness Pattern: Why Your AI Needs a Seatbelt — ThumbGate</title>
-<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
-<meta name="description" content="Tsinghua researchers formalized agent harnesses as first-class objects with contracts, verification checks, and durable state. ThumbGate implements this pattern today.">
-<meta name="keywords" content="agent harness pattern, natural language agent harness, NLAH, AI agent safety, pre-action checks, verification checks, agent contracts, ThumbGate, MCP hooks">
-<meta property="og:title" content="The Agent Harness Pattern: Why Your AI Needs a Seatbelt">
-<meta property="og:description" content="Academic research meets production code. How the natural-language agent harness pattern maps to real pre-action checks.">
-<meta property="og:type" content="article">
-<meta property="og:url" content="https://thumbgate.ai/learn/agent-harness-pattern">
-<link rel="canonical" href="https://thumbgate.ai/learn/agent-harness-pattern">
-
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "The Agent Harness Pattern: Why Your AI Needs a Seatbelt",
-  "description": "How the natural-language agent harness pattern from academic research maps to real pre-action checks you can ship today.",
-  "author": {
-    "@type": "Person",
-    "name": "Igor Ganapolsky",
-    "url": "https://github.com/IgorGanapolsky"
-  },
-  "publisher": {
-    "@type": "Organization",
-    "name": "ThumbGate",
-    "url": "https://thumbgate.ai"
-  },
-  "datePublished": "2026-04-02",
-  "dateModified": "2026-04-02",
-  "mainEntityOfPage": "https://thumbgate.ai/learn/agent-harness-pattern",
-  "about": [
-    {"@type": "Thing", "name": "agent harness pattern"},
-    {"@type": "Thing", "name": "natural language agent harness"},
-    {"@type": "Thing", "name": "AI agent verification"}
-  ]
-}
-</script>
-
-<link rel="stylesheet" href="/learn/learn.css">
-<style>
-  table { width: 100%; border-collapse: collapse; margin: 1rem 0; }
-  th, td { text-align: left; padding: 0.6rem 0.8rem; border-bottom: 1px solid var(--border); font-size: 0.9rem; }
-  th { color: var(--cyan); font-weight: 600; }
-  .mapping-row td:first-child { color: var(--green); font-weight: 500; }
-</style>
-</head>
-<body>
-
-<nav>
-  <a href="/" class="brand"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
-  <a href="/guide">Setup Guide</a>
-  <a href="/learn">Learn</a>
-  <a href="/dashboard">Dashboard</a>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
-</nav>
-
-<div class="container">
-  <div class="breadcrumb"><a href="/learn">Learn</a> / Agent Harness Pattern</div>
-  <h1>The Agent Harness Pattern: Why Your AI Needs a Seatbelt</h1>
-  <p style="color:var(--muted);">5 min read &middot; Research deep-dive for developers shipping AI agents in production</p>
-
-  <div class="tldr"><strong>TL;DR:</strong> Tsinghua researchers proved that AI agents need harnesses — contracts, verification checks, and durable state. ThumbGate is a production implementation you can ship today.</div>
-
-  <h2>The problem: agents act faster than you can review</h2>
-  <p>AI coding agents can write, commit, and deploy code in seconds. The gap between "agent decides to act" and "irreversible damage" is measured in milliseconds. Prompt instructions alone cannot close that gap because they live inside the same context the agent can override.</p>
-  <p>Researchers at Tsinghua University formalized this problem in their work on Natural-Language Agent Harnesses (NLAH). Their key insight: the safety layer must be <strong>external to the agent</strong>, treated as a first-class object with its own contracts, verification logic, and persistent state.</p>
-
-  <div class="callout">
-    <strong>The core idea:</strong> An agent harness is not a prompt. It is a runtime layer that sits between the agent's intent and the outside world, enforcing contracts that the agent cannot bypass.
-  </div>
-
-  <h2>Four components of an agent harness</h2>
-  <p>The NLAH framework defines four components that any production-grade harness needs. Here is how each maps to a concrete implementation in ThumbGate:</p>
-
-  <table>
-    <thead>
-      <tr>
-        <th>NLAH Component</th>
-        <th>What It Does</th>
-        <th>ThumbGate Implementation</th>
-      </tr>
-    </thead>
-    <tbody>
-      <tr class="mapping-row">
-        <td>Contracts</td>
-        <td>Formal rules that define what the agent must not do</td>
-        <td>Prevention rules in <code>prevention-rules.md</code> — auto-generated from thumbs-down feedback</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>Verification Checks</td>
-        <td>Checkpoints that intercept actions before execution</td>
-        <td>PreToolUse hooks — intercept every tool call, match against checks, block or allow</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>Durable State</td>
-        <td>Persistent memory that survives across sessions</td>
-        <td>SQLite+FTS5 lesson database — feedback, memories, and rules persist and are searchable</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>Adapters</td>
-        <td>Platform-specific connectors for different agent runtimes</td>
-        <td>MCP server + adapters for Claude Code, Cursor, Codex, Gemini, Amp, OpenCode</td>
-      </tr>
-    </tbody>
-  </table>
-
-  <h2>Why contracts beat prompt rules</h2>
-  <p>A prompt rule says: "Do not force-push to main." An agent can reason around that, reinterpret it, or simply lose it in a long context window.</p>
-  <p>A contract says: if the tool call is <code>Bash</code> and the command matches <code>git push.*--force</code> targeting <code>main</code>, return <code>{"decision": "block"}</code>. The agent never executes the command. There is nothing to reason around.</p>
-
-  <div class="callout callout-red">
-    <strong>Prompt rules fail silently.</strong> When a prompt rule is violated, you only find out after the damage is done. A verification check fails loudly — the agent receives a block response and must adapt.
-  </div>
-
-  <h2>Verification checks in practice</h2>
-  <p>Every time your AI agent calls a tool — running a shell command, writing a file, making an API call — a PreToolUse hook fires. ThumbGate checks the call against your checks:</p>
-
-  <ol>
-    <li><strong>Pattern match:</strong> Does the tool name and arguments match any prevention rule?</li>
-    <li><strong>Thompson Sampling:</strong> For rules with uncertain severity, use multi-armed bandit sampling to decide block vs. warn</li>
-    <li><strong>Decision:</strong> Block (hard stop), warn (let agent reconsider), or allow (no match)</li>
-    <li><strong>Feedback loop:</strong> The decision is logged. Thumbs-up/down on outcomes refines future checks.</li>
-  </ol>
-
-  <p>This is the verification check pattern from the NLAH framework, running in production today.</p>
-
-  <h2>Durable state: memory that survives sessions</h2>
-  <p>One of the NLAH paper's strongest arguments is that agent harnesses need persistent state. An agent that forgets its mistakes between sessions will repeat them.</p>
-  <p>ThumbGate stores every feedback event in a SQLite database with full-text search (FTS5). When a new session starts, the agent's context is assembled from relevant past lessons — not the entire history, but the lessons most similar to the current task.</p>
-
-  <div class="callout callout-green">
-    <strong>The feedback loop closes itself:</strong> You thumbs-down a mistake → a prevention rule is generated → the check blocks the mistake next time → the agent adapts → you thumbs-up the adaptation → the rule is reinforced.
-  </div>
-
-  <h2>Adapters: one harness, many agents</h2>
-  <p>The NLAH framework emphasizes platform independence. A harness should work across different agent runtimes without rewriting the safety logic.</p>
-  <p>ThumbGate achieves this through the Model Context Protocol (MCP). Any agent that speaks MCP — Claude Code, Cursor, Codex, Gemini, Amp, OpenCode — connects to the same ThumbGate server and gets the same checks. Write your rules once, enforce everywhere.</p>
-
-  <h2>From research to production in two minutes</h2>
-  <p>The NLAH framework describes what an agent harness <em>should</em> be. ThumbGate is what it looks like when you ship one:</p>
-
-  <pre><code>npx thumbgate init</code></pre>
-
-  <p>That single command sets up:</p>
-  <ul>
-    <li>A PreToolUse hook that intercepts every tool call</li>
-    <li>A SQLite+FTS5 lesson database for durable state</li>
-    <li>Prevention rules generated from your feedback</li>
-    <li>Thompson Sampling for probabilistic check decisions</li>
-    <li>MCP server adapters for your agent runtime</li>
-  </ul>
-
-  <p>You are not writing safety rules from scratch. You are thumbs-downing mistakes and letting the harness learn.</p>
-
-  <div class="cta-box">
-    <h2 style="color:var(--text);font-size:1.3rem;margin:0 0 8px;">Ship the harness pattern today</h2>
-    <p>One command. Works with Claude Code, Cursor, Codex, Gemini, Amp, and any MCP agent.</p>
-    <div class="cta-install">$ npx thumbgate init</div>
-  </div>
-
-  <div class="related">
-    <h3>Related articles</h3>
-    <a href="/learn/mcp-pre-action-checks-explained">MCP Pre-Action Checks Explained →</a>
-    <a href="/learn/stop-ai-agent-force-push">How to Stop AI Agents From Force-Pushing to Main →</a>
-    <a href="/learn/vibe-coding-safety-net">The Vibe Coding Safety Net You Are Missing →</a>
-  </div>
-</div>
-
-
-  <div class="sticky-cta">
-    <span style="color:var(--muted)">Try it now:</span>
-    <code>npx thumbgate init</code>
-    <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub &rarr;</a>
-  </div>
-<script src="/js/buyer-intent.js"></script>
-</body>
-</html>

package/public/learn/agent-identity-connector-governance.html

@@ -1,146 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Agent Identity and Connector Governance — ThumbGate</title>
-<meta name="description" content="How ThumbGate gates AI agent identities, MCP connectors, Tool Packs, service accounts, DLP, audit logs, and purpose-permission scope before agents act.">
-<link rel="canonical" href="https://thumbgate.ai/learn/agent-identity-connector-governance">
-<link rel="llm-context" href="/llm-context.md" type="text/markdown">
-<link rel="icon" type="image/png" href="/thumbgate-icon.png">
-<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
-<meta property="og:title" content="Agent Identity and Connector Governance">
-<meta property="og:description" content="Agents with connectors are identities. Gate owner, invoker, credentials, permissions, DLP, audit, and purpose before the next tool call.">
-<meta property="og:type" content="article">
-<meta property="og:url" content="https://thumbgate.ai/learn/agent-identity-connector-governance">
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "Agent Identity and Connector Governance",
-  "description": "A ThumbGate implementation pattern for treating AI agents and MCP connector tool packs as governed identities with owner, purpose, credentials, permissions, DLP, and audit evidence.",
-  "datePublished": "2026-06-20",
-  "dateModified": "2026-06-20",
-  "author": {
-    "@type": "Person",
-    "name": "Igor Ganapolsky",
-    "url": "https://github.com/IgorGanapolsky"
-  },
-  "publisher": {
-    "@type": "Organization",
-    "name": "ThumbGate",
-    "url": "https://thumbgate.ai"
-  },
-  "url": "https://thumbgate.ai/learn/agent-identity-connector-governance",
-  "about": [
-    "AI agent identity",
-    "MCP connector governance",
-    "least privilege",
-    "agent audit trails"
-  ]
-}
-</script>
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "FAQPage",
-  "mainEntity": [
-    {
-      "@type": "Question",
-      "name": "Is Glean a ThumbGate competitor?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "Glean is adjacent, not a direct replacement. Glean is a Work AI platform with enterprise search, agents, connectors, governance, orchestration, and an MCP gateway. ThumbGate is a local-first pre-action enforcement layer for agent tool calls, repeated-failure memory, and proof gates across developer and MCP workflows."
-      }
-    },
-    {
-      "@type": "Question",
-      "name": "How does Merge Agent Handler relate to ThumbGate?",
-      "acceptedAnswer": {
-        "@type": "Answer",
-        "text": "Merge Agent Handler provides production-ready MCP connectors, authentication, scoped access, DLP, observability, and audit logs. ThumbGate complements it by gating whether the next tool call or connector addition matches the agent's owner, purpose, identity, and scope."
-      }
-    }
-  ]
-}
-</script>
-<style>
-  *, *::before, *::after { box-sizing: border-box; }
-  body { margin: 0; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif; background: #0a0a0b; color: #ececf0; line-height: 1.65; }
-  nav { display: flex; gap: 22px; align-items: center; padding: 16px 28px; border-bottom: 1px solid #242428; }
-  nav a { color: #a7a7b1; text-decoration: none; font-size: 0.95rem; }
-  nav a:hover { color: #22d3ee; }
-  .brand { color: #fff; font-weight: 700; display: inline-flex; gap: 8px; align-items: center; }
-  .brand img { width: 28px; height: 28px; }
-  main { max-width: 900px; margin: 0 auto; padding: 48px 22px 72px; }
-  h1 { font-size: clamp(2rem, 5vw, 3.55rem); line-height: 1.06; margin: 0 0 18px; max-width: 800px; }
-  h2 { color: #22d3ee; font-size: 1.45rem; margin: 42px 0 14px; }
-  p { margin: 0 0 16px; color: #d6d6de; }
-  a { color: #67e8f9; }
-  .lede { color: #a7a7b1; font-size: 1.15rem; max-width: 760px; }
-  .callout, .card { border: 1px solid #303039; background: #151518; border-radius: 8px; padding: 22px; }
-  .grid { display: grid; grid-template-columns: repeat(2, minmax(0, 1fr)); gap: 18px; margin: 24px 0; }
-  .card { background: #111114; padding: 18px; }
-  .card strong { display: block; color: #fff; margin-bottom: 8px; }
-  code, pre { font-family: "SF Mono", "Cascadia Code", "JetBrains Mono", Consolas, monospace; }
-  pre { overflow-x: auto; background: #050506; border: 1px solid #25252a; border-radius: 8px; padding: 18px; color: #d7f9ff; }
-  .source-note { color: #8f8f99; font-size: 0.92rem; }
-  .cta { display: inline-block; margin-top: 16px; padding: 11px 18px; border-radius: 8px; background: #22d3ee; color: #031114; text-decoration: none; font-weight: 700; }
-  @media (max-width: 720px) { nav { padding: 14px 18px; gap: 14px; flex-wrap: wrap; } main { padding-top: 32px; } .grid { grid-template-columns: 1fr; } }
-</style>
-</head>
-<body>
-<nav>
-  <a href="/" class="brand"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" width="28" height="28">ThumbGate</a>
-  <a href="/guide">Setup Guide</a>
-  <a href="/learn">Learn</a>
-  <a href="/compare/databricks-unity-ai-gateway">Runtime governance</a>
-</nav>
-<main>
-  <h1>Agents with connectors are identities</h1>
-  <p class="lede">Once an AI agent can authenticate to GitHub, Jira, Slack, Salesforce, Snowflake, cloud, databases, or remote MCP tool packs, it is no longer just a chatbot. It is an actor with credentials, permissions, owners, purpose, and drift.</p>
-
-  <div class="callout">
-    <p><strong>The high-ROI lesson:</strong> treat every agent as an identity and every connector bundle as a scoped permission set. ThumbGate gates the moment before the next action: is this tool call inside the agent's declared purpose, identity, and connector scope?</p>
-    <p class="source-note">Source signals: BleepingComputer/Token Security argued on June 19, 2026 that AI agents are becoming first-class identities; Merge Agent Handler positions production MCP connectors with authentication, scoped access, DLP, observability, and audit logs; Glean positions Work AI with agents, governance, orchestration, connectors, and MCP Gateway; Okta's AI identity checklist frames secure-by-design agent patterns around token vaulting, fine-grained authorization, human-in-the-loop oversight, shadow AI discovery, registration, and lifecycle management.</p>
-  </div>
-
-  <h2>What ThumbGate now gates</h2>
-  <div class="grid">
-    <div class="card"><strong>Identity inventory</strong> Owner, invoker, credential or service account, connected systems, and allowed verbs.</div>
-    <div class="card"><strong>Purpose-permission match</strong> A sales prep agent should not delete database tables or create privileged users.</div>
-    <div class="card"><strong>Connector Tool Pack scope</strong> Remote MCP and connector bundles need allowed tools, auth identity, DLP, audit, and downstream-system evidence.</div>
-    <div class="card"><strong>Review freshness</strong> Agent access changes over time; stale point-in-time reviews are treated as drift signals.</div>
-    <div class="card"><strong>Shadow agent registration</strong> Unregistered agents and imported MCP servers are blocked before privileged tool calls.</div>
-    <div class="card"><strong>Vaulted tokens</strong> Raw connector credentials, plaintext API keys, and unvaulted service tokens require explicit exception evidence.</div>
-  </div>
-
-  <h2>The proof actions</h2>
-  <p>Before a high-trust claim is accepted, ThumbGate can require tracked evidence:</p>
-  <pre><code>track_action("agent_identity_inventory_verified", {
-  owner: "workflow owner",
-  invoker: "who can run the agent",
-  credential: "service account or connector identity",
-  systems: ["GitHub", "Jira", "Slack"],
-  verbs: ["read", "write"],
-  purpose: "triage engineering tickets"
-})
-
-track_action("connector_scope_verified", {
-  platform: "Merge Agent Handler or Glean MCP Gateway",
-  allowedTools: ["create_ticket", "read_issue"],
-  dlp: "enabled",
-  audit: "tool-call logs verified",
-  downstreamSystems: ["Jira"]
-})</code></pre>
-
-  <h2>Is Glean a competitor?</h2>
-  <p>Glean is adjacent and upstream. It is a Work AI platform: enterprise search, assistant, agents, orchestration, connectors, security, and MCP Gateway. It competes for enterprise AI budget, but it does not replace ThumbGate's local-first feedback-to-enforcement loop for Claude Code, Cursor, Codex, Gemini CLI, MCP tools, and developer-machine actions.</p>
-  <p>The wedge is complementary: Glean and Merge help agents reach more enterprise systems. ThumbGate makes each new action boundary safer by checking purpose, identity, connector scope, and prior failures before execution.</p>
-
-  <h2>Buyer message</h2>
-  <p>If your agent can authenticate, it has an identity. If it can call tools, it has a blast radius. ThumbGate gives the operator a pre-action gate for that blast radius.</p>
-  <p><a class="cta" href="/guide">Install ThumbGate locally</a></p>
-</main>
-</body>
-</html>