thumbgate 1.27.12 → 1.27.14

package/public/learn/claude-code-goal-with-rubrics.html

@@ -1,205 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Claude Code /goal vs Todo: The 4-Field Pattern That Actually Holds — ThumbGate</title>
-<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
-<meta name="description" content="Treating /goal like a todo wastes Claude Code. The pattern that holds: clear goal, measurable success, shown proof, hard limits. Maps directly to ThumbGate's rubric-engine for enforced verification.">
-<meta name="keywords" content="claude code /goal, claude code goal command, agent goal pattern, measurable success criteria, rubric engine, AI agent verification, ThumbGate rubric">
-<meta property="og:title" content="Claude Code /goal vs Todo: The 4-Field Pattern That Actually Holds">
-<meta property="og:description" content="The /goal command becomes ten times more useful when you treat it as a verifiable contract, not a todo. Here is the 4-field pattern and how to enforce it.">
-<meta property="og:type" content="article">
-<meta property="og:url" content="https://thumbgate.ai/learn/claude-code-goal-with-rubrics">
-<link rel="canonical" href="https://thumbgate.ai/learn/claude-code-goal-with-rubrics">
-
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "Claude Code /goal vs Todo: The 4-Field Pattern That Actually Holds",
-  "description": "Treating /goal like a todo wastes Claude Code. The pattern that holds: clear goal, measurable success, shown proof, hard limits — enforced by ThumbGate rubrics.",
-  "author": {
-    "@type": "Person",
-    "name": "Igor Ganapolsky",
-    "url": "https://github.com/IgorGanapolsky"
-  },
-  "publisher": {
-    "@type": "Organization",
-    "name": "ThumbGate",
-    "url": "https://thumbgate.ai"
-  },
-  "datePublished": "2026-05-18",
-  "dateModified": "2026-05-18",
-  "mainEntityOfPage": "https://thumbgate.ai/learn/claude-code-goal-with-rubrics",
-  "about": [
-    {"@type": "Thing", "name": "Claude Code /goal command"},
-    {"@type": "Thing", "name": "AI agent rubric"},
-    {"@type": "Thing", "name": "verifiable AI agent outcomes"}
-  ]
-}
-</script>
-
-<link rel="stylesheet" href="/learn/learn.css">
-<style>
-  table { width: 100%; border-collapse: collapse; margin: 1rem 0; }
-  th, td { text-align: left; padding: 0.6rem 0.8rem; border-bottom: 1px solid var(--border); font-size: 0.9rem; vertical-align: top; }
-  th { color: var(--cyan); font-weight: 600; }
-  .mapping-row td:first-child { color: var(--green); font-weight: 500; }
-  pre.example { background: var(--bg-raised); padding: 14px 16px; border-radius: 8px; font-size: 13px; border-left: 3px solid var(--cyan); margin: 12px 0; overflow-x: auto; }
-</style>
-</head>
-<body>
-
-<nav>
-  <a href="/" class="brand"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
-  <a href="/guide">Setup Guide</a>
-  <a href="/learn">Learn</a>
-  <a href="/dashboard">Dashboard</a>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
-</nav>
-
-<div class="container">
-  <div class="breadcrumb"><a href="/learn">Learn</a> / Claude Code /goal With Rubrics</div>
-  <h1>Claude Code /goal vs Todo: The 4-Field Pattern That Actually Holds</h1>
-  <p style="color:var(--muted);">6 min read &middot; For developers using Claude Code's /goal command in production</p>
-
-  <div class="tldr"><strong>TL;DR:</strong> Treating <code>/goal</code> like a todo wastes the command. The pattern that holds: <strong>clear goal, measurable success, shown proof, hard limits.</strong> That's a 4-field rubric — the same shape ThumbGate's rubric-engine enforces at gate-fire time. Pair them and the agent cannot fake completion.</div>
-
-  <h2>The todo-shaped /goal anti-pattern</h2>
-  <p>A common usage of Claude Code's <code>/goal</code> command looks like this:</p>
-
-  <pre class="example">/goal fix the auth bug</pre>
-
-  <p>This is a todo, not a goal. There is no way for the agent or you to know when the work is actually done. The agent will declare success after the first plausible-looking change, you will discover it was wrong an hour later, and the same conversation will re-enter the loop.</p>
-
-  <div class="callout">
-    <strong>The verifiable-contract reframe:</strong> A goal is not a wish. It is a contract with a clear outcome, a measurable success criterion, an inspectable proof, and a stop condition. Anything short of all four is a todo.
-  </div>
-
-  <h2>The 4-field pattern</h2>
-  <p>Each field maps to a specific failure mode the agent commits when the field is missing:</p>
-
-  <table>
-    <thead>
-      <tr>
-        <th>Field</th>
-        <th>What it answers</th>
-        <th>Failure mode if missing</th>
-      </tr>
-    </thead>
-    <tbody>
-      <tr class="mapping-row">
-        <td>1. Clear goal</td>
-        <td>What is the outcome, in one sentence, that someone outside the project would understand?</td>
-        <td>Scope creep. Agent expands the task to whatever it can find.</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>2. Measurable success</td>
-        <td>What single check, run after the work, returns 0 / pass / a specific number?</td>
-        <td>"Looks done." Agent declares completion on optimistic intermediate signals.</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>3. Shown proof</td>
-        <td>What output, file, or screenshot will be in the final message proving the check ran?</td>
-        <td>Hallucinated completion. Agent reports a green test that was never executed.</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>4. Hard limits</td>
-        <td>What is the deadline, retry cap, or scope cliff that stops the work even if not yet "done"?</td>
-        <td>Infinite spin. Agent keeps trying variants past any reasonable budget.</td>
-      </tr>
-    </tbody>
-  </table>
-
-  <h2>Concrete /goal phrasing</h2>
-  <p>Same task, todo-shape vs goal-shape:</p>
-
-  <pre class="example"><strong>Todo shape (anti-pattern):</strong>
-/goal fix the auth bug
-
-<strong>Goal shape:</strong>
-/goal fix the auth bug
-  success: npm test --testPathPattern=auth returns exit 0 with 12 passing
-  proof: paste the final 'PASS auth' line of the test output
-  limit: stop after 3 implementation attempts; if still failing, file a /thumbsdown</pre>
-
-  <p>The agent now has a contract it cannot fake. The success criterion is mechanical (exit code + count). The proof is inspectable (a literal line of output). The limit is a stop condition that triggers a feedback capture instead of a fifth wasted attempt.</p>
-
-  <h2>Where ThumbGate plugs in</h2>
-  <p>The 4-field pattern is exactly the shape of a rubric. ThumbGate's <code>scripts/rubric-engine.js</code> evaluates each completed agent task against a 4-field rubric:</p>
-
-  <table>
-    <thead>
-      <tr>
-        <th>Claude Code /goal field</th>
-        <th>ThumbGate rubric field</th>
-        <th>What ThumbGate does</th>
-      </tr>
-    </thead>
-    <tbody>
-      <tr class="mapping-row">
-        <td>Clear goal</td>
-        <td><code>rubric.goal</code></td>
-        <td>Stored as the canonical task description in the feedback log</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>Measurable success</td>
-        <td><code>rubric.verification.check</code></td>
-        <td>The check is run before the agent's "done" claim is promoted to memory</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>Shown proof</td>
-        <td><code>rubric.verification.evidence</code></td>
-        <td>Captured into the lesson DB; missing proof = no promotion</td>
-      </tr>
-      <tr class="mapping-row">
-        <td>Hard limits</td>
-        <td><code>rubric.budget</code></td>
-        <td>Tied to budget-guard.js — when limit hit, ThumbGate forces a thumbs-down capture and surfaces it for review</td>
-      </tr>
-    </tbody>
-  </table>
-
-  <div class="callout callout-green">
-    <strong>Two layers, same shape:</strong> Claude Code's <code>/goal</code> sets the contract at task start. ThumbGate's rubric-engine enforces it at task end. The agent cannot promote a "done" memory unless every rubric field has the proof attached.
-  </div>
-
-  <h2>What this prevents in practice</h2>
-  <p>Three concrete agent failure modes the paired pattern blocks:</p>
-
-  <ul>
-    <li><strong>Test-skipping.</strong> Agent reports "tests pass" but never ran them. Rubric verification.check runs the actual command and refuses the "done" promotion if exit code != 0.</li>
-    <li><strong>Optimistic completion.</strong> Agent declares success on the first plausible change. The proof field requires an inspectable artifact (test output line, screenshot, exit code) that has to exist before promotion.</li>
-    <li><strong>Budget run-away.</strong> Agent retries silently across 8+ attempts. Hard limit triggers a budget-guard block, forces feedback capture, and prevents the same pattern from recurring on the next prompt.</li>
-  </ul>
-
-  <h2>Five minutes to wire it</h2>
-  <p>In your project root:</p>
-
-  <pre><code>npx thumbgate init</code></pre>
-
-  <p>Then, in any conversation, use the goal-shape phrasing above. ThumbGate's rubric-engine runs as part of the PreToolUse hook chain; no extra config required. The first time the agent tries to promote a "done" claim without proof, you'll see the gate fire in your dashboard.</p>
-
-  <div class="cta-box">
-    <h2 style="color:var(--text);font-size:1.3rem;margin:0 0 8px;">Pair /goal with a rubric the agent cannot fake.</h2>
-    <p>Works with Claude Code, Cursor, Codex, Gemini, Amp, OpenCode, and any MCP-compatible agent.</p>
-    <div class="cta-install">$ npx thumbgate init</div>
-  </div>
-
-  <div class="related">
-    <h3>Related articles</h3>
-    <a href="/learn/agent-harness-pattern">The Agent Harness Pattern: Why Your AI Needs a Seatbelt &rarr;</a>
-    <a href="/learn/agent-swarms-shared-gates">Agent Swarms: One Gate Layer, Every Model &rarr;</a>
-    <a href="/learn/mcp-pre-action-checks-explained">MCP Pre-Action Checks Explained &rarr;</a>
-  </div>
-</div>
-
-
-  <div class="sticky-cta">
-    <span style="color:var(--muted)">Try it now:</span>
-    <code>npx thumbgate init</code>
-    <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub &rarr;</a>
-  </div>
-</body>
-</html>

package/public/learn/codex-role-plugins-need-governance.html

@@ -1,125 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Codex Role Plugins Need Pre-Action Governance — ThumbGate</title>
-<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
-<meta name="description" content="Codex plugins, Sites, and annotations move AI work from code into sales, analytics, design, finance, and documents. Teams need pre-action governance before those workflows publish, share, or modify business systems.">
-<meta name="keywords" content="Codex plugins, Codex Sites, Codex annotations, ChatGPT Codex, role-specific AI agents, pre-action governance, Codex plugin governance, ThumbGate">
-<meta property="og:title" content="Codex Role Plugins Need Pre-Action Governance">
-<meta property="og:description" content="As Codex expands beyond coding into role-specific plugins, ThumbGate is the evidence and policy layer before AI work touches business systems.">
-<meta property="og:type" content="article">
-<meta property="og:url" content="https://thumbgate.ai/learn/codex-role-plugins-need-governance">
-<link rel="canonical" href="https://thumbgate.ai/learn/codex-role-plugins-need-governance">
-
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "Codex Role Plugins Need Pre-Action Governance",
-  "description": "Codex plugins, Sites, and annotations move AI work from code into sales, analytics, design, finance, and documents. Teams need pre-action governance before those workflows publish, share, or modify business systems.",
-  "author": { "@type": "Person", "name": "Igor Ganapolsky", "url": "https://github.com/IgorGanapolsky" },
-  "publisher": { "@type": "Organization", "name": "ThumbGate", "url": "https://thumbgate.ai" },
-  "datePublished": "2026-06-03",
-  "dateModified": "2026-06-03",
-  "mainEntityOfPage": "https://thumbgate.ai/learn/codex-role-plugins-need-governance",
-  "about": [
-    { "@type": "Thing", "name": "Codex plugins" },
-    { "@type": "Thing", "name": "Codex Sites" },
-    { "@type": "Thing", "name": "role-specific AI agents" },
-    { "@type": "Thing", "name": "pre-action governance" }
-  ]
-}
-</script>
-
-<link rel="stylesheet" href="/learn/learn.css">
-<style>
-  .matrix { width: 100%; border-collapse: collapse; margin: 1rem 0 1.5rem; }
-  .matrix th, .matrix td { text-align: left; padding: 0.7rem 0.8rem; border-bottom: 1px solid var(--border); vertical-align: top; }
-  .matrix th { color: var(--cyan); font-weight: 600; }
-</style>
-</head>
-<body>
-
-<nav>
-  <a href="/" class="brand"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
-  <a href="/guide">Setup Guide</a>
-  <a href="/learn">Learn</a>
-  <a href="/dashboard">Dashboard</a>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
-</nav>
-
-<div class="container">
-  <div class="breadcrumb"><a href="/learn">Learn</a> / Codex Role Plugin Governance</div>
-  <h1>Codex role plugins need a governance layer before they touch business systems.</h1>
-  <p style="color:var(--muted);">6 min read &middot; For teams adopting Codex plugins, Sites, annotations, and non-developer AI workflows</p>
-
-  <div class="tldr"><strong>TL;DR:</strong> Codex is becoming a cross-functional work surface, not only a coding tool. OpenAI's Codex docs describe plugins as installable bundles of skills, app integrations, and MCP servers, plus Sites for hosted apps and dashboards. That makes ThumbGate's job sharper: enforce policy, evidence, and feedback-derived blocks before role-specific agents publish, share, edit, deploy, or write into customer systems.</div>
-
-  <h2>The product shift</h2>
-  <p>Codex plugins package skills, app integrations, and MCP servers into reusable workflows. Sites can turn Codex output into hosted websites, apps, dashboards, and games. Annotations let a user select part of a document, spreadsheet, or slide and ask Codex to work on that selected region.</p>
-  <p>That is powerful because non-developers can now use the same inspect, edit, verify, report loop on business artifacts. It is risky for the same reason: the action surface expands from code to CRM records, revenue dashboards, design assets, finance decks, sales sequences, and hosted internal tools.</p>
-
-  <div class="callout">
-    <strong>ThumbGate's wedge:</strong> The more Codex becomes a role-specific operating layer, the more every team needs a pre-action policy layer outside the prompt.
-  </div>
-
-  <h2>What can go wrong without gates</h2>
-  <ul>
-    <li>A sales plugin drafts or updates outreach from stale positioning after a thumbs-down already rejected that claim.</li>
-    <li>A data plugin publishes a dashboard before the source query, date window, and metric definition are proven.</li>
-    <li>A Sites workflow deploys a public prototype before access mode, secrets, and intended audience are checked.</li>
-    <li>A document annotation updates one selected section while breaking a compliance statement elsewhere in the same deck.</li>
-    <li>A non-developer approves a tool action without knowing it writes to production systems.</li>
-  </ul>
-
-  <h2>The governance map</h2>
-  <table class="matrix">
-    <thead>
-      <tr><th>Codex surface</th><th>Why it matters</th><th>ThumbGate gate</th></tr>
-    </thead>
-    <tbody>
-      <tr><td>Role plugin</td><td>Bundles repeatable work for sales, analytics, design, finance, and operations.</td><td>Require role-specific allowed tools, scopes, and blocked action patterns before execution.</td></tr>
-      <tr><td>App integration</td><td>Lets Codex read or write external systems.</td><td>Route CRM, email, billing, data warehouse, and file-share writes through approval and audit checks.</td></tr>
-      <tr><td>MCP server</td><td>Adds custom tools and shared information.</td><td>Inventory tools, tag high-risk writes, and block unauthorized tool calls before the model invokes them.</td></tr>
-      <tr><td>Sites</td><td>Turns output into shareable hosted apps and dashboards.</td><td>Require build proof, access mode, secret handling, and deployment evidence before publish.</td></tr>
-      <tr><td>Annotations</td><td>Targets exact regions of documents, spreadsheets, and slides.</td><td>Require source-region evidence and prevent partial edits from bypassing whole-document policy.</td></tr>
-    </tbody>
-  </table>
-
-  <h2>High-ROI implementation</h2>
-  <ol>
-    <li><strong>Ship role-specific gate templates:</strong> sales, analytics, design, finance, legal, and customer-support templates with allowed actions and evidence labels.</li>
-    <li><strong>Make plugin install prove itself:</strong> every Codex plugin install path should end with <code>npx thumbgate feedback-self-test</code> and one real gate check.</li>
-    <li><strong>Gate Sites deploys:</strong> block public deploy or access widening until build, audience, and secret-handling proof are attached.</li>
-    <li><strong>Gate annotated edits:</strong> require the selected artifact region, intended edit, and document-level invariant before saving or exporting.</li>
-    <li><strong>Measure the new buyer metric:</strong> role-workflow repeats blocked before execution, split by role and tool surface.</li>
-  </ol>
-
-  <div class="callout callout-green">
-    <strong>Sales wedge:</strong> "Codex plugins make every team faster. ThumbGate makes every team safer before the plugin writes, shares, deploys, or publishes."
-  </div>
-
-  <div class="cta-box">
-    <h2 style="color:var(--text);font-size:1.3rem;margin:0 0 8px;">Add gates to one role workflow</h2>
-    <p>Start with the role, the write surface, and the evidence required before that role's agent can claim success.</p>
-    <div class="cta-install">$ npx thumbgate init --agent codex</div>
-  </div>
-
-  <div class="related">
-    <h3>Related articles</h3>
-    <a href="/codex-plugin">ThumbGate for Codex &rarr;</a>
-    <a href="/learn/deterministic-agent-workflows">Deterministic Agent Workflows Need Runtime Gates &rarr;</a>
-    <a href="/learn/agentic-os-team-governance">Agentic OS Team Governance &rarr;</a>
-    <a href="/learn/background-agent-control-layer">Background Agents Need a Control Layer &rarr;</a>
-  </div>
-</div>
-
-<div class="sticky-cta">
-  <span style="color:var(--muted)">Try it now:</span>
-  <code>npx thumbgate init --agent codex</code>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub &rarr;</a>
-</div>
-</body>
-</html>

package/public/learn/cost-aware-agent-gate-routing.html

@@ -1,173 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Cost-Aware Agent Gate Routing — ThumbGate</title>
-<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
-<meta name="description" content="How ThumbGate routes agent checks through deterministic rules, semantic cache, local classifiers, LLM judges, and human review so teams avoid unnecessary latency, tokens, and provider calls.">
-<meta name="keywords" content="AI agent gate routing, LLM classifier, semantic caching, agent governance, pre-action checks, workflow harness, structured data provenance, ThumbGate">
-<meta property="og:title" content="Cost-Aware Agent Gate Routing">
-<meta property="og:description" content="Use deterministic checks, semantic cache, local classifiers, and LLM judges in the right order before an agent action runs.">
-<meta property="og:type" content="article">
-<meta property="og:url" content="https://thumbgate.ai/learn/cost-aware-agent-gate-routing">
-<link rel="canonical" href="https://thumbgate.ai/learn/cost-aware-agent-gate-routing">
-
-<script type="application/ld+json">
-{
-  "@context": "https://schema.org",
-  "@type": "TechArticle",
-  "headline": "Cost-Aware Agent Gate Routing",
-  "description": "How ThumbGate routes agent checks through deterministic rules, semantic cache, local classifiers, LLM judges, and human review so teams avoid unnecessary latency, tokens, and provider calls.",
-  "author": {
-    "@type": "Person",
-    "name": "Igor Ganapolsky",
-    "url": "https://github.com/IgorGanapolsky"
-  },
-  "publisher": {
-    "@type": "Organization",
-    "name": "ThumbGate",
-    "url": "https://thumbgate.ai"
-  },
-  "datePublished": "2026-06-03",
-  "dateModified": "2026-06-03",
-  "mainEntityOfPage": "https://thumbgate.ai/learn/cost-aware-agent-gate-routing",
-  "about": [
-    {"@type": "Thing", "name": "pre-action checks"},
-    {"@type": "Thing", "name": "semantic caching"},
-    {"@type": "Thing", "name": "LLM classifiers"},
-    {"@type": "Thing", "name": "agent workflows"}
-  ]
-}
-</script>
-
-<link rel="stylesheet" href="/learn/learn.css">
-<style>
-  .matrix { width: 100%; border-collapse: collapse; margin: 1rem 0 1.5rem; }
-  .matrix th, .matrix td { text-align: left; padding: 0.7rem 0.8rem; border-bottom: 1px solid var(--border); vertical-align: top; }
-  .matrix th { color: var(--cyan); font-weight: 600; }
-  .command { background: var(--bg-card); border: 1px solid var(--border); border-radius: 8px; padding: 1rem; margin: 1rem 0; overflow-x: auto; }
-</style>
-</head>
-<body>
-
-<nav>
-  <a href="/" class="brand"><img src="/assets/brand/thumbgate-mark-inline.svg" alt="ThumbGate" class="logo-mark" width="28" height="28"><span class="logo-text">ThumbGate</span></a>
-  <a href="/guide">Setup Guide</a>
-  <a href="/learn">Learn</a>
-  <a href="/dashboard">Dashboard</a>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
-</nav>
-
-<div class="container">
-  <div class="breadcrumb"><a href="/learn">Learn</a> / Cost-Aware Gate Routing</div>
-  <h1>Cost-aware agent gates: rules first, models last.</h1>
-  <p style="color:var(--muted);">7 min read &middot; For teams trying to make agent governance fast enough to stay on by default</p>
-
-  <div class="tldr"><strong>TL;DR:</strong> The expensive part of agent governance should not run on every action. ThumbGate should route checks through deterministic rules, semantic cache, local text classifiers, and local semantic recall before using an LLM judge. High-risk private ambiguity should stop for human review instead of calling a cloud model.</div>
-
-  <h2>The pattern across the latest agent infrastructure work</h2>
-  <p>The same lesson keeps showing up in different forms. Semantic caching cuts repeated LLM calls. Traditional text classifiers beat LLMs on speed and cost when labels are clear. Breadth-first query execution batches similar work instead of walking one branch at a time. Structured live dataset agents only become trustworthy when every row has source provenance. Streaming output removes dead air. Dynamic harnesses work best when critic, tournament, loop, and fan-out patterns are selected deliberately.</p>
-  <p>For ThumbGate, these are not separate product bets. They collapse into one control-plane rule: <strong>choose the cheapest reliable gate before the action runs.</strong></p>
-
-  <h2>The routing ladder</h2>
-  <table class="matrix">
-    <thead>
-      <tr>
-        <th>Lane</th>
-        <th>Use when</th>
-        <th>Why it is high ROI</th>
-      </tr>
-    </thead>
-    <tbody>
-      <tr>
-        <td>Deterministic</td>
-        <td>Secrets, force-push, destructive SQL, protected files, known repeated commands.</td>
-        <td>Near-zero latency, no tokens, no provider call. This is the default for exact policy risk.</td>
-      </tr>
-      <tr>
-        <td>Semantic cache</td>
-        <td>A prompt or action is semantically equivalent to a prior rejected or approved pattern.</td>
-        <td>Returns the cached decision without rerunning the judge. This is the AISG-style buyer message applied to pre-action checks.</td>
-      </tr>
-      <tr>
-        <td>Rubric gate</td>
-        <td>A critic/rubric loop failed a criterion, hit its cap, or lacks done evidence.</td>
-        <td>Turns LangChain-style rubric iteration into an enforcement event: block completion claims until the missing proof exists.</td>
-      </tr>
-      <tr>
-        <td>Local classical classifier</td>
-        <td>High-volume labels with enough examples and low ambiguity.</td>
-        <td>Fast and cheap for routine feedback triage, import classification, and known error families.</td>
-      </tr>
-      <tr>
-        <td>Local semantic recall</td>
-        <td>Few examples, fuzzy near-misses, or cross-session recurrence.</td>
-        <td>Keeps private context local while catching cases regex and keyword routing miss.</td>
-      </tr>
-      <tr>
-        <td>LLM judge</td>
-        <td>High-risk semantic ambiguity with explicit cloud permission and a budget cap.</td>
-        <td>Useful for critic/rubric review, multi-document evidence review, and structured provenance checks, but not for every action.</td>
-      </tr>
-      <tr>
-        <td>Human review</td>
-        <td>Private, regulated, payment, credential, customer-data, or unbounded external-posting risk.</td>
-        <td>Prevents automation from laundering a risky decision through a model call.</td>
-      </tr>
-    </tbody>
-  </table>
-
-  <h2>What changed in ThumbGate</h2>
-  <p>ThumbGate now has a small, testable routing primitive that makes this policy explicit:</p>
-  <div class="command"><code>node scripts/classifier-routing.js --risk=high --ambiguity=0.82 --allow-cloud --latency-ms=5000</code></div>
-  <p>That command returns an evidence-requiring LLM judge lane. Add <code>--semantic-cache-hit</code>, and it reuses the prior decision without a provider call. Add <code>--rubric-failed</code> or <code>--structured-dataset --missing-provenance</code>, and it blocks completion through the rubric gate. Change the same high-risk ambiguous input to <code>--privacy-sensitive</code> without <code>--allow-cloud</code>, and it routes to human review instead.</p>
-
-  <h2>How the newer signals map to product work</h2>
-  <ul>
-    <li><strong>Scikit-LLM vs traditional classifiers:</strong> do not spend LLM calls on low-ambiguity bulk labels.</li>
-    <li><strong>Semantic proxy caching:</strong> reuse a prior decision when prompt meaning has not changed.</li>
-    <li><strong>LangChain-style rubrics:</strong> turn failed criteria into completion blockers instead of post-hoc scores.</li>
-    <li><strong>Shopify Cardinal BFS:</strong> batch and evaluate similar gate scopes together instead of repeatedly traversing the same nested context.</li>
-    <li><strong>BigSet-style dataset agents:</strong> require structured rows, source URLs, and retrieval traces before accepting live web data.</li>
-    <li><strong>Streaming agent output:</strong> stream progress events during long gate reviews so users know the gate is working.</li>
-    <li><strong>Dynamic harness patterns:</strong> use critic/rubric for correctness, tournament for ranking, loop-until-done for open-ended work, and fan-out/synthesize for parallel research.</li>
-  </ul>
-
-  <div class="callout callout-green">
-    <strong>Buyer proof:</strong> show the same risky action going through three routes: exact repeat blocked instantly, fuzzy repeat caught locally, and genuinely ambiguous production change paused for evidence or human review.
-  </div>
-
-  <h2>Implementation checklist</h2>
-  <ol>
-    <li>Put exact denials and approval boundaries in deterministic checks.</li>
-    <li>Cache semantically equivalent gate decisions with provenance and expiry.</li>
-    <li>Use local text classification for routine high-volume feedback labels.</li>
-    <li>Use local semantic recall for sparse, fuzzy, or cross-session lessons.</li>
-    <li>Treat failed rubrics and missing source provenance as gate failures, not just evaluation notes.</li>
-    <li>Reserve LLM judges for ambiguous high-value decisions with evidence requirements.</li>
-    <li>Stream progress for long reviews and record every routed decision in the audit trail.</li>
-  </ol>
-
-  <div class="cta-box">
-    <h2 style="color:var(--text);font-size:1.3rem;margin:0 0 8px;">Try the routing primitive</h2>
-    <p>Check the gate lane before spending tokens on a risky decision.</p>
-    <div class="cta-install">$ node scripts/classifier-routing.js --hard-rule --risk=critical</div>
-  </div>
-
-  <div class="related">
-    <h3>Related articles</h3>
-    <a href="/learn/deterministic-agent-workflows">Deterministic Agent Workflows Need Runtime Gates &rarr;</a>
-    <a href="/learn/agentic-os-team-governance">Agentic OS Team Governance &rarr;</a>
-    <a href="/learn/agentic-enterprise-context-brain">Agentic Enterprise Context Brain &rarr;</a>
-    <a href="/learn/mcp-pre-action-checks-explained">MCP Pre-Action Checks Explained &rarr;</a>
-  </div>
-</div>
-
-<div class="sticky-cta">
-  <span style="color:var(--muted)">Install:</span>
-  <code>npx thumbgate init</code>
-  <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub &rarr;</a>
-</div>
-</body>
-</html>